U.S. charges Chinese hackers and government officials in broad cybercrime campaign
A set of criminal cases filed in New York and Washington add new detail to what U.S. officials say is a booming hacking-for-hire ecosystem in China, in which private companies and contractors are paid by the Chinese government to target victims of particular interest to Beijing in an arrangement meant to provide Chinese state security forces cover and deniability.
The indictments come as the U.S. government has warned of an increasingly sophisticated cyber threat from China, such as a hack last year of telecom firms called Salt Typhoon that gave Beijing access to private texts and phone conversations of an unknown number of Americans, including U.S. government officials and prominent public figures.
One indictment charges eight leaders and employees of a private hacking company known as I-Soon with conducting a sweeping array of computer breaches around the world meant to suppress speech, locate dissidents and steal data from victims. Among those charged is Wu Haibo, who founded I-Soon in Shanghai in 2010 and was a member of China's first hacktivist group, Green Army, and who is accused in the indictment of overseeing and directing hacking operations.
Earlier reporting by The Associated Press on leaked documents from I-Soon mainly showed I-Soon was targeting a wide range of governments such as India, Taiwan or Mongolia, but little on the United States.
But the indictment contains new revelations about I-Soon's activities targeting a wide range of Chinese dissidents, religious organizations and media outlets based in the U.S., including a newspaper identified as publishing news related to China and opposed to the Chinese Communist Party. Other targets included individual critics of China living in the U.S., the Defense Intelligence Agency and a research university.
The intended targets were in some cases directed by China's Ministry of Public Security — two law enforcement officers were charged with tasking certain assignments — but in other instances the hackers acted at their own initiative and tried to sell the stolen information to the government afterward, the indictment says.
The company charged the Chinese government the equivalent of between approximately $10,000 and $75,000 for each email inbox it successfully hacked, officials said.
Phone numbers listed for I-Soon on a Chinese corporate registry rang unanswered, and I-Soon representatives did not immediately respond to an AP email requesting comment.
A spokesperson for the Chinese Embassy in Washington, Liu Pengyu, suggested Wednesday that the allegations were a 'smear' and said, 'We hope that relevant parties will adopt a professional and responsible attitude and base their characterization of cyber incidents on sufficient evidence rather than groundless speculation and accusations.'
A separate indictment charges two other Chinese hackers, identified as Yin Kecheng and Zhou Shuai, in a for-profit hacking campaign that targeted victims including U.S. technology companies, think tanks, defense contractors and health care systems. Among the targets was the U.S. Treasury Department, which disclosed a breach by Chinese actors late last year in what it called a 'major cybersecurity incident.'
The Treasury Department announced sanctions Wednesday in connection with the hacking, and the State Department announced multimillion-dollar rewards for information about the defendants.
I-Soon is part of a sprawling industry in China, documented in an AP investigation last year, of private hacking contractors that steal data from other countries to sell to the Chinese authorities.
Over the past two decades, Chinese state security's demand for overseas intelligence has soared, giving rise to a vast network of these private hackers-for-hire companies that have infiltrated hundreds of systems outside China.
China's hacking industry rose in the early days of the internet, when Wu and other Chinese hackers declared themselves 'red hackers' — patriots who offered their services to the Chinese Communist Party, in contrast to the anti-establishment ethos popular among many coders.
The indictment 'proved the close ties and interaction among China's first generation patriotic hackers,' said Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts. They 'all turned to entrepreneurs now — doing businesses with the governments and making profits through other means.'
Since I-Soon documents were leaked online last year, the company has been suffering but is still in operation, according to Chinese corporate records. They've downsized and moved offices.
'Apparently i-SOON companies have been struggling to survive,' Danowski wrote on her blog. 'To Chinese state agencies, a company like i-SOON is disposable.'
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Spectator
an hour ago
- Spectator
How many homes in England have air conditioning?
Suit cases Volodymyr Zelensky again failed to wear a suit and tie to a meeting at the White House, in spite of being asked to do so – although Donald Trump did say he looked 'fabulous' in his black button-up suit. What did Allied leaders wear to the great conferences in the second world war? — Cairo 1943: Winston Churchill wore a white suit with bow tie; Franklin D. Roosevelt a lounge suit with striped tie; and the Chinese leader Chiang Kai-shek a military uniform. — Tehran 1943: Churchill and Stalin both wore military uniform; Roosevelt wore a pinstriped suit. — Yalta 1945: The photo session was held outside in cold weather. Churchill wore a thick civilian coat, FDR a cape over a lounge suit, and Stalin a military greatcoat. Cool customers According to the English Housing Survey, just 3% of households use air conditioning. How does this compare internationally? India 5% South Africa 6% Indonesia 9% EU 10% Mexico; Brazil 16% China 60% Saudi Arabia 63% South Korea 86% US 90% Japan 91% Source: International Energy Agency Inflated figures Train fares will again increase in line with the Retail Price Index (RPI) rather than the government's preferred measure of inflation, the Consumer Price Index (CPI). How much faster has the RPI risen compared with the CPI? RPI CPI Over 10 years 57% 39% 20 years 111% 78% 30 years 172% 106% Source: Office for National Statistics Home workers Grant Harrold, formerly one of the butlers at Highgrove, published his memoirs. How many homes in Britain employ staff? — According to the Work Foundation, 1 in 10 households employs staff, with 2m employed in this way. However, that includes part-time cleaners – there are rather fewer liveried butlers. — The ONS Annual Population Survey found there are 15,200 full-time and 25,900 part-time housekeepers, and 111,200 full-time and 47,100 part-time gardeners.
Spectator
2 hours ago
- Spectator
My plan for a wealth tax
Reading Careless People, an exposé of life within Facebook written by a Kiwi, it occurred to me that one potential advantage that the UK, Australia, Canada and New Zealand have over the US is we do not unthinkingly idolise the very rich. Americans sometimes find this confusing: it always irked transplanted American bankers in London that local employees were eager to make a few million quid, but lost interest beyond a certain threshold. Once they had a rectory in the Cotswolds, an Aga, two labradors and a Range Rover it was game over, you win. This is because the US is more of a money/power economy, whereas the Commonwealth countries are to a greater extent prestige economies. We shouldn't bemoan this, but turn it to our advantage instead. Here's how. It's a wealth tax. But wait. Traditionally the proponents of a wealth tax have implicitly attacked the wealthy. I think a better line of attack is to highlight people who should be really wealthy but aren't. At the moment, I think it unlikely that Sir Tim Berners-Lee is cruising round the Med on a 600ft megayacht crammed with bikini-clad supermodels. Nor is Sir Stanley Whittingham (co-inventor of the lithium-ion battery) sunning himself on an inflatable flamingo in an infinity pool overlooking Hvar. We don't even know who invented chicken tikka masala. All three have made many billions, perhaps trillions, of pounds – unfortunately, for other people. I once met the daughter of one of the four British and Australian men instrumental in the discovery and creation of penicillin. As I remember, she did live in the Cotswolds. I didn't see any evidence of a Range Rover, though. In a truly just world, she'd have a brand-new V8 Overfinch conversion, with light-up wheels. In short, any debate about wealth is meaningless unless we acknowledge that it is perfectly possible to create wealth without extracting it and that, correspondingly, it is also possible to extract wealth without creating it. Economists don't get this. So we have shovelled billions of dollars into the maw of Facebook without any evidence that the company is capable of enacting a single new idea. It's mostly extractive. Mark Zuckerberg is a big digital Duke of Westminster, without the redeeming charm or style. By contrast, I know Elon Musk's politics are a bit dicey, but he does keep trying new things. To be honest, if he invaded Poland I'd probably move there. But here's the thing. For every great idea you can monetise yourself, there are 20 that you can't – and it is these ideas which create wealth. So what's the plan? Well, if rich people are so brilliantly inventive (and some of them are), call them out at their own game. Instigate a wealth tax but hypothecate 25 per cent of the proceeds to an innovation fund. With 5 per cent, you retroactively reward unrecognised wealth creators: it would be nice to give Sir Stanley a Bentley, say, or an all-female bodyguard unit like Colonel Gaddafi (he may not actually want these things, admittedly: what you got there is a disturbing glimpse inside my imagination). With the remaining 20 per cent you instigate a prize fund worth billions to reward people for ideas which are impossible to monetise – the Harrison 'Longitude' Prize for the 21st century. If they are so clever, the rich can then earn their money back. I myself have an idea which would reduce needless GP visits by 50 per cent while costing nothing. If you can get a Rolls-Royce Spectre past NHS Procurement, it's yours. Out there somewhere is someone who knows a far better way of fixing potholes, solving the house-building crisis or reducing innumeracy. This is what we need to grow the economy, rather than a magical brainfart from Rachel Reeves.
The Guardian
3 hours ago
- The Guardian
DoJ says voting machine maker funneled LA county money into slush funds used to pay bribes
The justice department is alleging in a new court filing that three Smartmatic executives who were indicted last year on bribery and money-laundering charges transferred money from a 2018 voting machine contract with Los Angeles county into slush funds that were originally set up to pay bribes to election officials in Venezuela and the Philippines between 2012 and 2016 to obtain and retain lucrative election contracts. Prosecutors say one of the executives transferred an undisclosed amount from the $282m LA county contract into the slush funds in 2019 but did not say if anyone actually received bribes from the county's money at that point. The government is seeking to prove the funds were part of a long pattern of bribing election officials by Smartmatic, the voting machine company, which sued Fox News for defamation after the 2020 election. A separate court filing in a lawsuit brought by Fox News against LA county to obtain records about Smartmatic's relationship with Dean Logan, LA county's registrar-recorder and county clerk who oversees elections and the Smartmatic contract, Fox News asserts that Logan may have received inappropriate gifts from the company in the form of business-class travel and upscale restaurant meals. Logan is supposed to report vendor gifts above $50 on annual disclosure forms, but records obtained by Fox News and included in the court filing show he did not report some gifts from Smartmatic. Logan maintains he was not required to report the travel or a meal that Fox highlights in its filing. Fox News is seeking the records from LA county to support its defense against a defamation suit filed against it by Smartmatic in 2021. Last year, prosecutors in Florida filed corruption charges against the president of UK-based Smartmatic, along with two other current and former executives, for allegedly operating a years-long bribery and money-laundering scheme that paid bribes to an election official in the Philippines. The justice department has since said that the scheme involved payments to officials in Venezuela as well, where the company obtained its first elections contract in 2004. US election integrity activists have long been concerned about Smartmatic's contract with LA county, due to the company's controversial history, the founders' ties to Venezuela and a lack of transparency over company ownership. The company first tried to get into the US elections market in 2006, but a federal investigation into its ownership and potential ties to the Venezuelan government at the time put a halt to its US ambitions until it obtained the contract with LA county in 2018. Concerns about the company and its role in US elections increased last year when the justice department indicted its executives. The new revelations about the LA county money raise even more questions about the county's contract. Prosecutors allege that the Smartmatic executives conspired for years with the owner of Jarltech International, a hardware maker in Taiwan that manufactured voting machines for Smartmatic, to overcharge customers for the systems it built then used the excess money to pay bribes to election officials in the Philippines and Venezuela. Prosecutors do not say if they overcharged LA county as well or if any LA county money actually got paid out in bribes to anyone – only that some of that money made it into slush funds that had been used in the past to pay bribes. The justice department declined to answer questions about the case but said in a court filing that it has documents and witness testimony to support its claims about LA county's money. Smartmatic itself has not been accused of wrongdoing, only the three executives. But a Smartmatic spokesperson says the justice department allegations are 'filled with misrepresentations' and also says the company operates 'ethically' and abides 'by all laws always, both in Los Angeles county and every jurisdiction where we operate'. The new allegations are not part of charges the justice department brought against the Smartmatic executives. Prosecutors are only asking a Florida court to allow evidence about the LA county money to show a pattern in how the executives managed their alleged bribery and money-laundering scheme. After news of the indictments broke last year, the county barred the three executives from any further association with its Smartmatic contract but did not 'debar' the company itself, something it can do if a contractor shows a lack of 'business integrity or business honesty'. The county can also terminate a contract if a vendor gives any county officer or employee 'improper consideration' in the form of travel, entertainment or tangible gifts to secure favor. But Logan's office says it stands by its work with the company. With regard to the implication that LA county money that got into the slush funds might have come from overcharging the county, Logan says the county's contract with Smartmatic uses fixed pricing. 'The alleged actions in the federal matter are unrelated to the work performed under contract by Smartmatic for Los Angeles County,' according to a statement sent by Logan in an email. 'The County has no knowledge or visibility into how Smartmatic USA used proceeds from that contract; however, the County does validate work performed and deliverable requirements aligned to the fixed price structure of the contract prior to making any payments.' The contract runs through March 2027, but has three, two-year extension options that, if exercised, would stretch the agreement to 2033. It also does allow for changes in pricing up to 10% of the contracted amounts. The three indicted executives include company president and co-founder, Roger Alejandro Piñate Martinez Jr; Jorge Vasquez, former vice-president of hardware development for Smartmatic's US division; and Elie Moreno, who oversaw the company's contracts. According to a company bio, Piñate, who goes by Roger Piñate, played a 'critical' role in winning the LA county contract and was chief operating officer until becoming president in 2018, the year Smartmatic won the Los Angeles contract. Piñate is a Venezuelan citizen and permanent US resident, and Elie Moreno is a Venezuelan-Israeli. The company put Piñate and Moreno on administrative leave after the announcement of their indictments last year, and currently Ruliena Piñate, Roger's cousin, oversees Smartmatic's LA contract with another employee. She was co-president with her cousin before his indictment. Vasquez, a US citizen, left Smartmatic in 2021 in the midst of the justice department investigation. The justice department accuses him of receiving direct kickbacks for his role in the alleged scheme. Smartmatic has been dogged by controversy almost since its founding in Florida in 1999 by Piñate and two fellow Venezuelan engineers – Antonio Mugica and Alfredo José Anzola – as a network applications developer. The company shifted to voting machines in 2004 when then-Venezuelan president Hugo Chávez was threatened with a recall referendum. Months before the recall election, Venezuela's National Electoral Council announced it would replace the country's six-year-old voting machines with new ones under a $91m contract awarded to Smartmatic, Bizta – a small software firm owned by Mugica and his father – and the state-run telecom CANTV. Smartmatic and Bizta got the contract despite having no experience in voting machines or elections. There were other concerns about the deal as well: the Venezuelan government owned 28% of Bizta through a $200,000 investment in the firm, a close associate of Chávez was on Bizta's board, and two of the five members of the electoral council denounced the contract, citing irregularity with the bidding process. Chávez survived his recall battle, though not without additional controversy: he and his supporters were accused of rigging the election based on an outcome that differed from an exit poll. However, after an audit of the results, the US-based Carter Center, which monitors overseas elections, supported the outcome, as did the US state department. Riding its success in Venezuela, Smartmatic tried to enter the US elections market in 2006 by using money from the Venezuela contract to buy the California-based Sequoia Voting Systems, whose voting systems were used across the US. The purchase caught the attention of the Committee on Foreign Investment in the United States, which launched an investigation into Smartmatic's ownership and possible ties to the Venezuelan government. But rather than cooperate with the federal inquiry, Smartmatic quickly sold off Sequoia. The company then turned to Europe and other election markets, moving its headquarters to the UK in 2012. It won a contract worth more than $180m to supply the Philippines with more than 90,000 voting machines for its 2016 elections, with Jarltech International on board to manufacture the machines. But the company became embroiled in more controversy almost immediately after the election when Philippine authorities charged the head of Smartmatic's technical support team and two subordinates with accessing a system on election night used to transmit unofficial results and making an unauthorized change to code. The case was later dismissed. Two years after the Philippines election, Smartmatic won the Los Angeles contract. Smartmatic hoped to parlay this win to expand across the US. But after its machines were used for the first time in the 2020 presidential primary and general election, Donald Trump, who lost the election, falsely accused Smartmatic and Dominion Voting Systems of manipulating the results to give the election to Joe Biden. These claims were amplified by Fox News and other media outlets sympathetic to Trump, and in 2021, Smartmatic filed a series of defamation lawsuits against media outlets and Trump supporters who they say encouraged and amplified the vote-rigging assertions, including a $2.7bn defamation suit against Fox News. Smartmatic claims Fox News reporting decimated its US business prospects, causing other election jurisdictions to shun it. But Fox News says it simply covered newsworthy claims made by Trump and others. Last year Smartmatic settled a similar suit against Newsmax for $40m and against One America News for an undisclosed sum and seemed to be on path to win or settle the Fox News suit as well until the indictment of its executives. Fox News has used the indictments and alleged bribery scheme to support its defense in the defamation suit, saying in court documents that if the company has had trouble expanding its business in the US, it's due to these allegations and the company's troubled history, not Fox News reporting. Prosecutors from the southern district of Florida allege that the three Smartmatic executives and Jarltech owner Andy Wang engaged in a years-long conspiracy to overcharge the Philippines government for voting machines, then used the fraudulently obtained funds to pay more than $1m in kickbacks to Juan Andres Bautista – chair of the Philippine elections commission at the time – to win and retain a contract to supply systems for the 2016 elections there. Jarltech allegedly overcharged the Philippines government $10-$50 per voting machine in 'extra' or 'rush' fees, amassing about $6m in a slush fund to pay the bribes. Wang allegedly managed the funds in Hong Kong bank accounts, and Smartmatic executives directed the payments, using bogus purchasing agreements, shell companies and banks in Europe, Asia and the US. Bautista passed the money to a family member who then bought a condo in San Francisco, prosecutors say. Wang did not respond to questions from the Guardian. The justice department investigation began after Bautista's estranged wife told Philippine authorities in 2017 that her husband had $20m in 'unexplained wealth' and provided them with 35 passbooks for offshore bank accounts in Bautista's name. Bautista resigned as chair of the election commission two months later, and in 2023, news broke that the justice department had filed charges against him and was investigating unnamed Smartmatic executives as well. But the scheme didn't start with the Philippines. Prosecutors say the conspirators had also inflated the cost of voting machines sold to Venezuela to amass $4m for bribes paid to unnamed Venezuelan officials between 2012 and 2014 , showing a pattern of illegal activity. In 2019, prosecutors say Piñate also transferred ownership of an upscale home in Caracas to Tibisay Lucena Ramírez, then president of the Venezuelan National Electoral Council, to secure her assistance with its business interests in that country. A Smartmatic spokesperson calls the house claim 'untethered from reality'. She says Smartmatic 'ceased all operations in Venezuela in August 2017 after blowing the whistle on the government and has never sought to secure business there again'. In 2017, Smartmatic accused the Venezuelan electoral council and the Nicolás Maduro regime of manipulating voter turnout numbers and election results and ceased business in the country. But prosecutors say Piñate hoped to repair the relationship with Venezuela with Ramírez's help and gave her the Caracas home as a bribe. Ramírez died in 2023. The federal case against Smartmatic executives and the company's lawsuit against Fox News have now become intertwined due to the new allegations about the LA county money and questions about whether the executives used bribes to win favor around the county contract. Fox News says in its recent filing against LA county that it 'does not yet have evidence that slush fund payments or real estate title transfers were made to any L.A. County official', but it says that gifts Logan received from the company follow 'patterns of misconduct' that prosecutors have alleged occurred in other countries, and that Logan cultivated an unusually close relationship with Smartmatic executives that went 'well beyond typical business relationships.' Logan took a nine-day trip to the Maldives and Taiwan in July 2019 that was partially funded by Smartmatic, including business-class air fare, accommodations and meals, according to text messages obtained by Fox News and included in its court filing. The Maldives portion was covered by an organization that invited Logan to speak there, but Smartmatic paid for Logan's travel to Taiwan. Based on another text message not included in the court filing but seen by the Guardian, Smartmatic played a role in coordinating the conference invitation to Logan as well. Logan's wife accompanied him on the trip, but the text messages indicate he gave his credit card number to Smartmatic to cover her $5,000 air fare. Logan and his wife tacked on tourist activity to the Taiwan portion of their trip, and it's not clear how much Smartmatic paid for the entire excursion. Under California Fair Political Practices Commission regulations, gifts to state and local officials from a single source were limited to $500 a year when Logan took the trip. Smartmatic would not say how much it paid for the Taiwan trip, citing ongoing litigation. An LA county spokesperson said in an email that the Taiwan trip was not a gift but a work trip to conduct oversight of the manufacturing process – the trip included a visit to Jarltech, the subcontractor that was making the hardware for LA county's machines. The spokesperson wrote: 'the lead from the County's VSAP design contractor was also part of the trip, which included detailed reviews and presentations of products that required approval prior to manufacturing, and onsite visits to multiple product and manufacturing assembly plants/operations.' Approval of the manufacturing process was required as part of the contract, he says, and 'protocols for notification and approval of the travel were followed and are documented in the responsive records provided [to Fox News]'. Asked why the project manager for the contract, whose job is 'inspecting any and all tasks, deliverables, goods, services, or other work provided by or on behalf of the Contractor' didn't visit the Jarltech facilities instead of Logan, spokesperson Michael Sanchez said that as chief elections official 'Logan had and continues to have clear responsibility for ensuring contract compliance.' Fox News disputes that the travel was covered under the contract, noting that the contract only mentions paying travel expenses if county officials are auditing financial records related to Smartmatic's contract with the county and have to travel outside the county to view the company's financial records. Sanchez says the paragraph addressing travel expenses 'is not limited to the inspection of financial records for a financial audit' but includes travel to 'examine … any pertinent transaction, activity, or record' relating to the contract. In addition to the Taiwan travel, Fox News says Smartmatic paid for an unknown number of meals in upscale restaurants for Logan, at least one of which Logan did not report on annual disclosure form in 2022. In a deposition in the lawsuit Fox has filed against LA county to obtain Logan's records, Logan disputes that he was required to report the meal because he says it was a personal meal with a Smartmatic employee. He also rejects the suggestion that Smartmatic won its contract out of favoritism. 'The contract between Los Angeles County and Smartmatic USA was competitively bid, evaluated, and awarded in compliance with the County's open competitive public procurement processes,' Logan wrote in an email.
