The US Department of Justice on Thursday charged two Chinese hackers associated with the Chinese government for hacking numerous companies and government agencies in a dozen countries.The Chinese nationals, Zhu Hua (known online as Afwar, CVNX, Alayos and Godkiller) and Zhang Shilong (known online as Baobeilong, Zhang Jianguo and Atreexp), are believed to be members of a state-sponsored hacking group known as Advanced Persistent Threat 10 (APT 10) or Cloudhopper that has been working from over a decade to steal business and technology secrets from companies and government agencies around the world.
According to the indictment, the alleged hackers targeted more than 45 companies and government agencies from 2006 to 2018 and stole “hundreds of gigabytes” of sensitive data and personal information from its targets.
Both Hua and Shilong worked for Huaying Haitai Science and Technology Development Company and are alleged to have committed these crimes at the direction of Tianjin State Security Bureau, a department of China’s Ministry of State Security.The victims included numerous managed service providers (MSPs), the U.S. Navy, NASA Goddard Space Center, and Jet Propulsion Laboratory, and the Department of Energy’s Lawrence Berkeley National Laboratory.
“This case is significant because the defendants are accused of targeting and compromising Managed Service Providers, or MSPs. MSPs are firms that other companies trust to store, process, and protect commercial data, including intellectual property and other confidential business information,” the DoJ says.
“When hackers gain access to MSPs, they can steal sensitive business information that gives competitors an unfair advantage.”
Other victims included a major financial institution, three telecommunications, and consumer electronics companies, two business consultancies, a healthcare company, a mining company, three commercial and industrial manufacturing companies, an oil and gas exploration company, a biotechnology firm, an automotive supplier and a drilling company.
These targeted companies had victims in 12 countries including Brazil, Canada, Finland, France, Germany, India, Japan, Sweden, Switzerland, the United Arab Emirates, the United Kingdom, and the United States.
Besides this, these Chinese hackers are also accused of gaining access to over 40 computers on U.S. Navy networks and stealing the Social Security numbers (SSNs), phone numbers, email addresses and other personal information of more than 100,000 Navy personnel.
The duo is now wanted by the FBI and has been charged with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft.
The indictment against two hackers came less than two months after the DoJ charged 10 Chinese hackers also linked to APT10, including two intelligence officers, for stealing aircraft engine technology from American and French aerospace firms.