July 20, 2021

The Justice Department pressed charges against four Chinese nationals on Monday, accusing them of being part of a hacking group that attacked companies, universities and government facilities in the U.S. and abroad between 2011 and 2018.

A San Diego grand jury returned indictments against all four in May, and it was unsealed on Friday, according to a Justice Department statement.

According to the indictment, Ding Xiaoyang, Cheng Qingmin and Zhu Yunmin were members of the Hainan State Security Department working covertly within a front-line company called Hainan Xiandun Technology Development Co., Ltd.

The aim of the operation, according to the Justice Department, was to steal information from companies that would aid businesses in mainland China.

The three are accused of coordinating, facilitating and managing computer hackers and linguists at Hainan Xiandun and other MSS front companies.

Wu Shurong was also charged with his role as a hacker who created malware, helped the other three break into computer systems and allegedly supervised other Hainan Xiandun hackers.

The DOJ stated that the group attacked companies in the U.S., Indonesia, Malaysia, Norway, Saudi Arabia, South Africa, Switzerland, U.K., Austria, Cambodia, Canada and Germany. Most of the attacks targeted companies working in the defense, education, healthcare, biopharmaceutical and aviation industries.

The indictment mentions the variety of hacking methods used to break into the companies’ systems, detailing how the group used spearphishing emails and hijacked credentials

The indictment points out that the hackers used anonymization services, Dropbox Application Programming Interface (API) keys, and even GitHub during their activities.

All four defendants are charged with one count of conspiracy to commit computer fraud and one count of conspiracy to commit industrial espionage, both of which together carry a maximum penalty of up to 20 years in prison.

For more information, read the original story in ZDNet.