2 min read

Two Chinese Hackers Face 40 Years in Prison for Hacking Spree on Global Organizations, Including COVID-19 Researchers

Filip TRUȚĂ

July 22, 2020

Two Chinese Hackers Face 40 Years in Prison for Hacking Spree on Global Organizations, Including COVID-19 Researchers

US authorities have charged two Chinese hackers for allegedly hacking into the systems of hundreds of companies, governments and individual dissidents, as well as firms developing COVID-19 vaccines, testing technology, and treatments, the U.S. Department of Justice (DOJ) announced this week.

An 11-count indictment alleges Li Xiaoyu, 34, and Dong Jiazhi, 33, conducted a hacking campaign lasting more than ten years to the present, targeting companies in countries with high-technology industries, including the United States, Australia, Belgium, Germany, Japan, Lithuania, the Netherlands, Spain, South Korea, Sweden, and the United Kingdom. Both hackers were trained in computer application technologies at the same Chinese university, according to the DOJ”s press release.

Allegedly backed by the Chinese government, the duo targeted industries like high-tech manufacturing, and medical device, civil, and industrial engineering, as well as business, educational, gaming, solar energy, pharma and defense. Starting around Sept. 1, 2009, and continuing through July 7, 2020, they exfiltrated sensitive data and intellectual property saving their (Chinese) sponsors precious time and resources in key areas of research and development.

“In at least one instance, the hackers sought to extort cryptocurrency from a victim entity, by threatening to release the victim”s stolen source code on the Internet.  More recently, the defendants probed for vulnerabilities in computer networks of companies developing COVID-19 vaccines, testing technology, and treatments,” the DOJ said.

Li and Dong typically gained footholds in targeted infrastructures by exploiting publicly known / unpatched software vulnerabilities in popular web server software, web application development suites, and software collaboration programs. They also leveraged insecure default configurations in common applications and their initial foothold to steal access credentials and deploy malware to remotely execute commands on victim computers.

They allegedly packaged victim data in encrypted RAR archives, changed the extensions to .jpg, altered system timestamps, and concealed programs and documents at innocuous-seeming locations on victim networks and in victim networks” “recycle bins,” according to the indictment. The duo frequently re-victimize targets that were slow to patch their entry points – in some cases returning years after the original breach, the DOJ said.

The defendants are charged with conspiracy to commit computer fraud, conspiracy to commit theft of trade secrets, conspiracy to commit wire fraud, unauthorized access of a computer, and aggravated identity theft, which – if the hackers are caught and prosecuted in a U.S. court of law – in total carry more than 40 years of prison for each individual.

tags


Author



Right now

Top posts

Ultimate Privacy Guide for Your Facebook Account

Ultimate Privacy Guide for Your Facebook Account

August 31, 2021

6 min read
7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

7 Signs It’s Time to Use Parental Controls On Your Family’s Devices

August 27, 2021

2 min read
Your Netflix Account May Be on Sale on Darkweb. Protect It

Your Netflix Account May Be on Sale on Darkweb. Protect It

August 13, 2021

3 min read
E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

E-mails claiming your computer was hacked and your privacy exposed - what you need to know (spoiler: you can relax - they’re bluffing)

July 29, 2021

5 min read
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US

July 16, 2021

3 min read
How to protect yourself against cyberstalking

How to protect yourself against cyberstalking

July 06, 2021

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Romance scammers arrested in Texas for defrauding elderly lonely hearts Romance scammers arrested in Texas for defrauding elderly lonely hearts
Graham CLULEY

September 28, 2021

3 min read
iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find iCloud Private Relay Vulnerability Exposes User IP Addresses, Researchers Find
Silviu STAHIE

September 27, 2021

1 min read
Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement Bitcoin.org Compromised; Attackers Posted “Double Your Money” Announcement
Silviu STAHIE

September 27, 2021

1 min read