Latest news with #SueBai
Yahoo
06-03-2025
- Yahoo
Chinese government using freelance hackers to compromise computer networks globally, FBI warns
The Chinese government is using freelance hackers and information security companies to compromise computer networks worldwide, FBI officials said in a public warning issued Wednesday. The warning comes as indictments were unsealed in New York and Washington on Wednesday against a dozen Chinese nationals accused of hacking into American computer networks and selling stolen data to the Chinese government. 'The Department of Justice will relentlessly pursue those who threaten our cybersecurity by stealing from our government and our people,' Sue Bai, head of the Justice Department's National Security Division, said in a statement Wednesday. 'We are exposing the Chinese government agents directing and fostering indiscriminate and reckless attacks against computers and networks worldwide, as well as the enabling companies and individual hackers that they have unleashed,' Bai said. 'We will continue to fight to dismantle this ecosystem of cyber mercenaries and protect our national security.' China's information security companies ecosystem 'flourishes' because China's government agencies 'weaponize' information security companies 'by tasking companies that advertise legitimate cybersecurity services to also use their expertise to gain unauthorized access to victim networks to collect for China's intelligence services,' FBI officials said in a statement. The government agencies in China involved in the alleged cybersecurity threats include China's primary intelligence service, the Ministry of State Security, and China's domestic police agency, the Ministry of Public Security, according to the FBI. The Southern District of New York on Wednesday unsealed an indictment against eight employees of Anxun Information Technology Co., Ltd., aka i-Soon, an information security company based in China, and two of China's domestic police officers who allegedly directed i-Soon activities 'in service of the Chinese government.' 'i-Soon has been a key player' in China's information security company ecosystem over the last decade, the FBI said. The company has been working with at least 43 separate Ministry of State Security or Ministry of Public Security bureaus in 31 provinces and municipalities across China. The indicted i-Soon hackers allegedly sold stolen data to the Chinese government agencies 'from a myriad of victims, to include US-based critics of the Chinese government and Chinese dissidents, a US news organization, a large US-based religious organization, multiple governments in Asia, and US federal and state government agencies,' FBI officials said. 'i-Soon sold information to China's intelligence and security services to suppress free speech and democratic processes worldwide, and target groups deemed a threat to the Chinese government,' officials said. i-Soon also sold platforms to China's primary intelligence service and domestic police agency customers 'for their own hacking efforts,' officials said. i-Soon's activities are publicly tracked as Aquatic Panda, Red Alpha, Red Hotel, Charcoal Typhoon, Red Scylla, Hassium, Chromium, and TAG-22, according to the FBI. 'This ecosystem of InfoSec companies and freelance hackers enables and encourages indiscriminate global cyber activity, while providing the Chinese government with a layer of plausible deniability,' FBI officials said in their statement. Also Wednesday, the federal court in Washington, D.C. unsealed two indictments of freelance Chinese hackers Yin KeCheng and Zhou Shuai, who are accused of maintaining ties to i-Soon and the Chinese government. Since 2011, Yin and Zhou have worked in China's information security company ecosystem 'and enriched themselves by selling stolen US information to the Chinese government,' prosecutors allege. Zhou served for a period of time in i-Soon's Strategic Consulting Division. Yin, known in Chinese hacking circles for his prolific targeting of US entities, explained to an associate in 2013 that he wanted to 'mess with the American military' and 'break into a big target,' hoping the proceeds from selling the stolen US data would be enough to purchase a car, prosecutors allege. At least one time, Yin compromised sensitive data which he turned over to Zhou, who partnered with an i-Soon employee to sell the stolen data, prosecutors said. Yin and Zhou's activities are publicly tracked as APT27, Threat Group 3390, Bronze Union, Emissary Panda, Lucky Mouse, Iron Tiger, UTA0178, UNC 5221, and Silk Typhoon, officials said. Anyone who suspects to be a victim of malicious cyber activity by groups associated with the government of China is urged to report the suspicious activity to the FBI's Internet Crime Complaint Center at as quickly as possible. This is a developing story. Check back for updates as more information becomes available. Download the FREE Boston 25 News app for breaking news alerts. Follow Boston 25 News on Facebook and Twitter. | Watch Boston 25 News NOW
WIRED
05-03-2025
- Politics
- WIRED
US Charges 12 Alleged Spies in China's Freewheeling Hacker-for-Hire Ecosystem
Mar 5, 2025 12:12 PM The Justice Department claims 10 alleged hackers and two eChinese government officials took part in a wave of cyberattacks around the globe that included breaching the US Treasury Department and more. Only rarely does the West get a glimpse inside the vast hacker-for-hire contractor ecosystem that enables China's digital intrusion campaigns worldwide. Now a new set of criminal charges against a dozen Chinese men, including two government officials, accuses them of a vast espionage campaign that included breaching the US Treasury, and goes as far as revealing the internal communications of some of those alleged hackers, their tools, and their business relationships. The US Department of Justice on Wednesday announced the indictments of 12 Chinese individuals accused of more than a decade of hacker intrusions around the world, including eight staffers for the contractor i-Soon, two officials at China's Ministry of Public Security who allegedly worked with them, and two other men who were allegedly part of the Chinese hacker group APT27 or Silk Typhoon, which prosecutors say was involved in the breach late last year of the US Treasury. 'Today, we are exposing the Chinese government agents directing and fostering indiscriminate and reckless attacks against computers and networks worldwide, as well as the enabling companies and individual hackers that they have unleashed." Sue Bai, who leads the Justice Department's National Security Division, wrote in a statement. 'The Department of Justice will relentlessly pursue those who threaten our cybersecurity by stealing from our government and our people.' According to US prosecutors, the group as a whole has targeted US state and federal agencies, foreign ministries of countries across Asia, Chinese dissidents, US-based media outlets that criticize the Chinese government, and most recently the US Treasury, which was breached between September and December of last year. This is a developing story, please check back for updates.
