Chinese hackers compromised Indian government websites: US Justice Department

WION Web Team | New Delhi | Sep 19, 2020, 10.31 PM (IST)

US Justice Department targets Chinese hackers (Photograph: Reuters)

Story highlights

The conspirators had installed "Cobalt Strike" malware on Indian government-protected computers

The US Justice Department has said the five Chinese hackers who were charged targeted the Indian government's networks and "compromised foreign government computer networks".

Deputy US Attorney General Jeffrey Rosen has charged five Chinese nationals with computer hacking and charged two Malaysians with helping them.

A Justice Department statement said the Malaysian nationals were arrested but the Chinese nationals were still at large.

"In about 2019, the conspirators compromised government of India websites, as well as virtual private networks and database servers supporting the government of India. The conspirators used VPS PROVIDER servers to connect to an Open VPN network owned by the government of India," the indictment said.

The conspirators had installed "Cobalt Strike" malware on Indian government-protected computers, it added.

"In one notable instance, the defendants conducted a ransomware attack on the network of a non-profit organization dedicated to combating global poverty," it said.

The indictment against Zhang and Tan charged the defendants with "two counts" of conspiracy to commit computer fraud, which carries a maximum sentence of five years in prison.

The US government alleged that the hackers targeted "over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong."

It said security researchers have tracked the intrusions using the threat labels “APT41,” “Barium,” “Winnti,” “Wicked Panda,” and “Wicked Spider.”

“The scope and sophistication of the crimes in these unsealed indictments is unprecedented. The alleged criminal scheme used actors in China and Malaysia to illegally hack, intrude and steal information from victims worldwide,” Michael R. Sherwin, acting US attorney for the District of Columbia, said.
