Five members of an alleged Chinese computer hacking gang that targeted more than 100 companies in the United States and abroad have been charged by the US Justice Department.
Federal prosecutors say the five Chinese citizens, along with two Malaysian businessmen, attacked social media companies, video game firms, computer manufacturers, software development companies and telecommunications firms.
The group, known as APT41, is also accused of hacking universities, nonprofits, foreign governments, politicians think-tanks and Hong Kong civil society members.
US officials did not go as far as claiming that the hackers were working directly for the Chinese Government, but Deputy Attorney General Jeffrey Rosen said that Beijing had at the least turned a blind eye to cyber crime.
“We know the Chinese authorities to be at least as able as the law enforcement authorities here and in likeminded states to enforce laws against computer intrusions,” Rosen said.
“But they choose not to.”
Rosen went on to claim that one of the Chinese defendants had told a colleague that he was “very close’ to China’s Ministry of State Security and was being protected “unless something big happens”.
“No responsible government knowingly shelters cyber criminals that target victims worldwide in acts of rank theft,” said Rosen.
The indictments against the group are part of a larger effort by the Trump administration to highlight Chinese cybercrime.
In July prosecutors accused China of working with hackers to target firms developing vaccines for the coronavirus.
The Chinese Embassy has not made comment but has repeatedly denied any involvement in hacking.
The five Chinese citizens remain at large but two Malaysian businessmen were arrested in their country and the US Assistant Attorney General for National Security John Demers says they are both likely to fight extradition to the US.
Wong Ong Hua, 46, and Ling Yang Ching, 32, were charged with conspiring with two of the hackers to profit from intrusions into video game firms in the United States, France, Japan, Singapore and South Korea.
The Justice Department says search warrants issued earlier this month allowed them to seize hundreds of servers, domain names, accounts and “dead drop” Web Pages used by the gang to allegedly steal data from victims.
And the department credited Microsoft Corp for playing a “significant part” in developing systems to block the hackers.
Microsoft has not commented.