The United States Department of Justice on Wednesday announced charges against five Chinese nationals and two Malaysians who ran global hacking operations for six years to steal identities and video game technology, plant ransomware, and spy on Hong Kong activists.
Three of the Chinese suspects operated out of Chengdu 404, a Sichuan-based company that purported to offer network security services for other businesses.
They were involved in hacking the computers of many companies and organizations around the world to gather identities, hijack systems for ransom, and remotely use thousands of computers to mine cryptocurrency such as bitcoin.
Two Chinese nationals, who formerly worked for Chengdu 404, and two Malaysians were accused of hacking into major gaming companies to steal their secrets and “gaming artifacts,” likely tradable in-game chits and credits, and resell them.
All seven had long been recognized by cybersecurity experts as the “APT41” hacking organization, identified by their shared tools and techniques. While some had thought that the group might be operated by the Chinese government, the indictments did not identify a powerful official connection.
According to the court filing, Jiang Lizhi, one of the hackers who worked for Chengdu 404, boasted to a colleague in 2012 that he was protected by China’s Ministry of State Security, and indicated that they were protected as long as they didn’t hack domestically.
“Some of those criminal actors believed that their association with the PRC provided them free license to hack and steal across the world,” federal prosecutor Michael Sherwin said in a statement.
The charges, however, did not indicate any direct political motivations behind the hackers’ activities, though the hackers did gain access to government computer systems in Vietnam and India.