


Similar articles

| Article Id | Source and date | Title | Prob | Score |
|---|---|---|---|---|
| 212428 | ZDNET 2021-7-19 | DOJ charges four members of Chinese government hacking group | | 1.000 |
| 212194 | ARSTECHNICA 2021-7-19 | US warns China over state-sponsored hacking, citing mass attacks on Exchange | 0.983 | 0.738 |
| 212326 | TECHREPUBLIC 2021-7-19 | US and allies finger China in Microsoft Exchange hack | 0.730 | 0.599 |
| 212426 | ZDNET 2021-7-19 | UK and White House blame China for Microsoft Exchange Server hack | 0.846 | 0.578 |
| 212302 | ZDNET 2021-7-21 | China dismisses Exchange attribution and accuses US of whitewashing its cyber heists | 0.019 | 0.571 |
| 212524 | ARSTECHNICA 2021-7-21 | Home and office routers come under attack by China state hackers, France warns | 0.012 | 0.399 |
| 211992 | ZDNET 2021-7-16 | Chinese APT LuminousMoth abuses Zoom brand to target gov't agencies | | 0.393 |
| 212543 | ARSTECHNICA 2021-7-22 | Saudi Aramco confirms data leak after $50 million cyber ransom demand | | 0.390 |
| 212432 | ZDNET 2021-7-19 | Singapore goes online in hunt for intelligence officers | | 0.389 |
| 212601 | ZDNET 2021-7-22 | Saudi Aramco denies breach after hackers hawk stolen files | | 0.381 |
| 212430 | ZDNET 2021-7-19 | MITRE announces first evaluations of cybersecurity tools for industrial control systems | | 0.379 |
| 212608 | ZDNET 2021-7-21 | Japanese government official says Olympic ticket data leaked | | 0.377 |
| 212279 | THEVERGE 2021-7-21 | ‘PlugWalkJoe’ arrested in connection with 2020 hack of famous Twitter accounts | | 0.364 |
| 212329 | ZDNET 2021-7-20 | DHS releases new mandatory cybersecurity rules for pipelines after Colonial ransomware attack | | 0.364 |
| 212609 | ZDNET 2021-7-21 | UK national arrested in Spain after DOJ indictment for Twitter hack | | 0.363 |
| 212251 | ARSTECHNICA 2021-7-17 | Facebook catches Iranian spies catfishing US military targets | | 0.362 |
| 212207 | ARSTECHNICA 2021-7-19 | “Clickless” exploits from Israeli firm hacked activists’ fully updated iPhones | | 0.358 |
| 212411 | ZDNET 2021-7-16 | Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks | | 0.337 |
| 212570 | ARSTECHNICA 2021-7-22 | Kaseya gets master decryptor to help customers still suffering from REvil attack | | 0.335 |
| 212421 | ZDNET 2021-7-19 | NSO Group's Pegasus spyware used against journalists, political activists worldwide | | 0.334 |
| 212603 | ZDNET 2021-7-21 | US House terminates deal with iConstituent after company waited days to raise ransomware alarm | | 0.326 |
| 212431 | ZDNET 2021-7-19 | Law firm for Ford, Boeing, Exxon, Marriott, Walgreens, and more hacked in ransomware attack | | 0.322 |
| 212268 | ZDNET 2021-7-21 | This password-stealing Windows malware is distributed via ads in search results | | 0.321 |
| 212285 | VENTUREBEAT 2021-7-21 | Angeles Equity Partners Appoints John Chalaris to Primus Aerospace Board of Directors | | 0.310 |
| 212297 | TECHREPUBLIC 2021-7-20 | Top 5 things to know about supply chain attacks | | 0.306 |


ID: 212428

URL: https://www.zdnet.com/article/doj-charges-four-members-of-chinese-government-hacking-group/

Date: 2021-07-19

DOJ charges four members of Chinese government hacking group

The unsealed indictments accuse three state security officers of working with a hacker to attack companies across the world.

The Justice Department announced charges against four Chinese nationals on Monday, accusing the men of being part of a hacking group that attacked "companies, universities, and government entities in the United States and abroad between 2011 and 2018."

According to a release from the DOJ, a San Diego federal grand jury returned the indictment of all four in May and it was unsealed on Friday.

The indictment says Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front company called Hainan Xiandun Technology Development Co., Ltd.

The goal of the operation, according to the Justice Department, was to steal information from companies that would help enterprises in China. The DOJ said the hackers were specifically looking for "information that would allow the circumvention of lengthy and resource-intensive research and development processes."

Operating out of Haikou, Hainan Province, the three are accused of "coordinating, facilitating, and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies."

Wu Shurong was also indicted for his role as a hacker who created malware, assisted the other three in breaking into computer systems, and allegedly supervised other Hainan Xiandun hackers.

The DOJ noted that the group attacked companies across the US, Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, UK, Austria, Cambodia, Canada, and Germany. Most of the attacks targeted companies working in the defense, education, healthcare, biopharmaceutical, and aviation sectors.

"Stolen trade secrets and confidential business information included, among other things, sensitive technologies used for submersibles and autonomous vehicles, specialty chemical formulas, commercial aircraft servicing, proprietary genetic-sequencing technology and data, and foreign information to support China's efforts to secure contracts for state-owned enterprises within the targeted country (e.g., large-scale high-speed railway development projects)," the Justice Department statement said.

"At research institutes and universities, the conspiracy targeted infectious-disease research related to Ebola, MERS, HIV/AIDS, Marburg, and tularemia."

The indictment also accuses educators at universities in Hainan and across China of working with the country's Ministry of State Security to help with the attacks.

Deputy Attorney General Lisa Monaco said the charges highlight that China continues to use cyber-enabled attacks to steal what other countries make, calling the government's actions representative of a "flagrant disregard of its bilateral and multilateral commitments."

"The breadth and duration of China's hacking campaigns, including these efforts targeting a dozen countries across sectors ranging from healthcare and biomedical research to aviation and defense, remind us that no country or industry is safe," Monaco said.

The DOJ noted that multiple cybersecurity firms have chronicled the group's activities, giving them a variety of names over the years including Advanced Persistent Threat (APT) 40, BRONZE, MOHAWK, FEVERDREAM, G0065, Gadolinium, GreenCrash, Hellsing, Kryptonite Panda, Leviathan, Mudcarp, Periscope, Temp.Periscope, and Temp.Jumper.

The indictment lists the variety of hacking methods used to break into companies' systems, detailing how the group used spearphishing emails, hijacked credentials, and more.
"The conspiracy also used multiple and evolving sets of sophisticated malware, including both publicly available and customized malware, to obtain, expand, and maintain unauthorized access to victim computers and networks," the indictment said.

"The conspiracy's malware included those identified by security researchers as BADFLICK, aka GreenCrash; PHOTO, aka Derusbi; MURKYTOP, aka mt.exe; and HOMEFRY, aka dp.dll. Such malware allowed for initial and continued intrusions into victim systems, lateral movement within a system, and theft of credentials, including administrator passwords."

The indictment notes that the hackers used anonymizer services, Dropbox Application Programming Interface (API) keys, and even GitHub during their attacks.

All four defendants have been charged with one count of conspiracy to commit computer fraud and one count of conspiracy to commit economic espionage. Combined, the two charges carry a maximum sentence of 20 years in prison.

Acting US Attorney Randy Grossman tied the indictment to the larger announcements that came out on Monday, where dozens of countries accused China of a widespread hacking campaign.

Grossman said the indictment "demonstrates how China's government made a deliberate choice to cheat and steal instead of innovate," while also claiming the actions threaten the US economy and national security.

The FBI and CISA released an advisory designed to help organizations defend against some of the tactics deployed by the four hackers indicted. The Joint Cybersecurity Advisory has "technical details, indicators of compromise, and mitigation measures."

"The charges outlined today demonstrate China's continued, persistent computer intrusion efforts, which will not be tolerated here or abroad," said Special Agent in Charge Suzanne Turner of the FBI's San Diego Field Office.

"We stand steadfast with our law enforcement partners in the United States and around the world and will continue to hold accountable those who commit economic espionage and theft of intellectual property."