On Thursday, the US Department of Justice charged two Chinese government-affiliated hackers with hacking numerous companies and government agencies in a dozen countries.
Zhu Hua (known online as Afwar, CVNX, Alayos, and Godkiller) and Zhang Shilong (known online as Baobeilong, Zhang Jianguo, and Atreexp) are believed to be members of a state-sponsored hacking group known as Advanced Persistent Threat 10 (APT 10) or Cloudhopper, which has been working for over a decade to steal business and technology secrets from companies and government agencies around the world.
According to the indictment, the alleged hackers stole “hundreds of gigabytes” of sensitive data and personal information from more than 45 companies and government agencies between 2006 and 2018.
Hua and Shilong, who both worked for Huaying Haitai Science and Technology Development Company, are alleged to have committed these crimes at the direction of the Tianjin State Security Bureau, a division of China’s Ministry of State Security.
Among the victims were numerous managed service providers (MSPs), the U.S. Navy, NASA’s Goddard Space Center and Jet Propulsion Laboratory, and the Lawrence Berkeley National Laboratory of the Department of Energy.
“The significance of this case stems from the defendants’ alleged targeting and compromise of Managed Service Providers (MSPs). MSPs are businesses that other businesses entrust to store, process, and protect their commercial data, such as intellectual property and other sensitive business information,” the Department of Justice says.
When hackers gain access to managed service providers (MSPs), they can steal sensitive business information that gives competitors an unfair advantage.
A major financial institution, three telecommunications and consumer electronics companies, two business consultancies, a healthcare company, a mining company, three commercial and industrial manufacturing companies, an oil and gas exploration company, a biotechnology company, an automotive supplier, and a drilling company were among the additional victims.
The targeted companies were based in twelve countries: Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, the United Kingdom, and the United States.
In addition to this, these Chinese hackers are accused of breaking into over 40 computers on U.S. Navy networks and stealing the Social Security numbers (SSNs), phone numbers, email addresses, and other personal information of over 100,000 Navy personnel.
In 2015, the United States accused the Chinese government of violating its commitment to the international community not to steal trade secrets and other confidential business information through computer hacking.
The duo is currently on the FBI’s wanted list and has been charged with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.
The indictment of the two hackers came less than two months after the DoJ indicted 10 Chinese hackers, including two intelligence officers, also linked to APT 10, for stealing aircraft engine technology from American and French aerospace companies.