A hacker on his computer in China’s Guangdong province in 2020. Photo: AFP
Source:
https://scmp.com/news/world/article/3202313/china-hackers-stole-millions-us-covid-19-relief-money-says-secret-service World
China hackers stole millions in US Covid-19 relief money, Secret Service says
- Service gave no details but confirmed report by NBC news that the hackers reportedly responsible are known as APT41 or Winnti, a prolific cybercriminal group
- Chinese embassy said accusations ‘groundless’; several members of the group indicted in 2019, 2020 by Justice Department for spying on over 100 companies
The US says Chinese hackers stole millions of dollars of the nation’s Covid-19 relief money. Photo: Shutterstock Images
Chinese hackers have stolen tens of millions of dollars’ worth of US Covid relief benefits since 2020, the Secret Service said.
The Secret Service declined to provide any additional details but confirmed a report by NBC News that said the Chinese hacking team that is reportedly responsible is known within the security research community as APT41 or Winnti.
APT41 is a prolific cybercriminal group that had conducted a mix of government-backed cyber intrusions and financially motivated data breaches, according to experts.
Several members of the hacking group were indicted in 2019 and 2020 by the US Justice Department for spying on over 100 companies, including software development companies, telecommunications providers, social media firms, and video game developers.
“Regrettably, the Chinese Communist Party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China,” former Deputy Attorney General Jeffrey Rosen said at the time.
China’s embassy in Washington said in a statement that China has always “firmly opposed and cracked down on all forms of cyber theft and hacking” and that it opposed the “groundless accusations” against the country on cybersecurity.
Meanwhile, the Canadian branch of Amnesty International said on Monday it was the target of a cyberattack sponsored by China.
The human rights organisation said it first detected the breach on October 5 and hired forensic investigators and cybersecurity experts to investigate.
Ketty Nivyabandi, Secretary General of Amnesty International Canada, said the searches in their systems were specifically and solely related to China and Hong Kong, as well as a few prominent Chinese activists. The hack left the organisation offline for nearly three weeks.
US cybersecurity firm Secureworks said there was no attempt to monetise the access, and “a threat group sponsored or tasked by the Chinese state” was likely behind the attack because of the nature of the searches, the level of sophistication and the use of specific tools that are distinctive of China-sponsored actors.