Federal prosecutors in Brooklyn have announced the indictment of seven members of a Chinese state-run hacking operation, revealing a years-long cyber espionage and intelligence campaign targeting U.S. politicians, government officials, and private companies.
The group, known as Advanced Persistent Threat 31, has been operating out of Wuhan since 2010, sending tens of thousands of phishing e-mails to government and political officials in the U.S. The hackers posed as prominent American journalists in their e-mails, which contained links to fake news articles that activated tracking links when opened.
The hackers used the data collected from these tracking links to target home routers and electronic devices, according to the indictment. Attorney General Merrick Garland described the case as a reminder of the Chinese government’s willingness to target and intimidate its critics through malicious cyber operations.
The targets of the hackers included White House officials, officials from various government departments, senators from both parties, defense contractors, political strategists, commentators, and advocates. The hackers also targeted dissidents critical of the Chinese government and their supporters.
In addition to phishing e-mails, the hackers used custom malware and “zero-day exploits” to hack into the computers of private companies, including defense contractors, telecommunications firms, law offices, and a New York-based apparel company. The hacks were often in response to world events, such as U.S. tariffs on imported steel and nominations of Hong Kong democracy movement members for a Nobel Peace Prize.
The seven defendants, all living in China, are charged with conspiracy to commit computer intrusions and conspiracy to commit wire fraud. Despite the indictment, they have not been arrested by U.S. law enforcement agents.