US Justice Department Charges Chinese Hackers for Global Cyberattacks

U.S. Charges Chinese Hackers in Global Cyberattack Campaign

In a significant move against cybercrime, the U.S. Justice Department has charged two Chinese state security officers and eight employees of the hacker-for-hire group i-Soon for their involvement in a series of cyberattacks that have targeted victims worldwide since 2011. The indictment, unsealed today, highlights a troubling pattern of intrusions affecting U.S. federal and state agencies, foreign ministries in Asia, and even U.S.-based dissidents and religious organizations.

According to the Justice Department, these hackers operated under the direction of the People’s Republic of China’s Ministry of Public Security (MPS) and Ministry of State Security (MSS), executing computer breaches for profit. "These malicious cyber actors conducted computer intrusions at the direction of the PRC’s MPS and MSS and on their own initiative," the DOJ stated, revealing that the MPS and MSS paid substantial sums for stolen data.

The charges include the seizure of the domain used by i-Soon to promote its hacking services. The State Department is offering rewards of up to $10 million for information leading to the capture of key defendants, including i-Soon’s CEO Wu Haibo and COO Chen Cheng.

The indictment also names two hackers linked to the state-sponsored APT27 group, Yin Kecheng and Zhou Shuai, who remain at large. They are accused of exploiting vulnerabilities in various networks, installing malware, and selling stolen data to multiple clients, some with ties to the Chinese government.

This crackdown is part of a broader U.S. initiative to combat cyber threats from state-sponsored actors, following previous sanctions against other Chinese entities involved in cyberattacks. As the global landscape of cyber warfare evolves, the U.S. continues to bolster its defenses against these persistent threats.