China-backed hackers are involved in cyber espionage and financial crimes aimed at strengthening China's geopolitical position, reported Geo-politik.
It is no longer a hidden fact that these hackers work with the Chinese government to carry forward the country’s agenda.
Experts and officials described the Chinese model of ‘state-sponsored’ hackers as a network of semi-independent groups which are part of the country’s espionage efforts.
One such group is APT41, also known to cyber-security firms by names such as Winnti, Barium and Wicked Panda. The group is considered a prolific Chinese intelligence asset, reported Geo-politik.
The primary purpose of APT41’s state-directed activity is believed to be collecting personally identifying information and data about American citizens, institutions and businesses that can be used by China for espionage purposes.
Recently, the US Secret Service revealed that APT41, the Chengdu-based hacking group, stole at least USD 20 million in US Covid relief benefits, including Small Business Administration loans and unemployment insurance funds in over a dozen states, said Geo-politik.
The Covid cyber-theft began in mid-2020 and spanned 2,000 accounts associated with more than 40,000 financial transactions.
The theft of taxpayer funds is the first instance of pandemic fraud tied to foreign, state-sponsored cybercriminals that the US government has acknowledged publicly. Still, it may be just the tip of the iceberg, according to US law enforcement officials and cyber-security experts.
According to cyber experts and officials from multiple agencies, by the time Covid relief funds appeared as a target of opportunity in 2020, APT41, which emerged more than a decade ago, had already become the ‘workhorse’ of cyber-espionage operations that benefit the Chinese government, reported Geo-politik.
The US Secret Service stated that it considers APT41 a “Chinese state-sponsored, cyber-threat group that is highly adept at conducting espionage missions and financial crimes for personal gain”.
As soon as state governments began disbursing Covid unemployment funds in 2020, cybercriminals began to siphon off a significant percentage.
The US Labour Department's Office of Inspector General has reported an improper payment rate of roughly 20 per cent for the USD 872.5 billion in federal pandemic unemployment funds, though administration officials from multiple agencies claimed that the actual amount of fraud could be higher.
In the past, American officials have blamed Chinese hackers for breaches in the Office of Personnel Management, Anthem Health and Equifax, among others.
In another case, four Chinese nationals in Sydney were charged over a sophisticated cyber scam, reported Geo-politik.
They were part of an organised crime syndicate allegedly involved in a cyber-enabled investment scam that has resulted in more than USD 100 million in losses worldwide.
The syndicate employed a sophisticated mix of social engineering techniques, including the use of dating sites, employment sites and messaging platforms to gain victims’ trust before mentioning investment opportunities.
The victims were then directed to both fraudulent and legitimate investment applications that deal in foreign exchange and crypto-currency, which were maliciously manipulated to show a false positive return on investments, said Geo-politik.
An analysis of victim reports by police has identified more than USD 100 million in losses worldwide attributed to this organised crime syndicate, with the majority of victims being based in the United States.
These financial frauds do not appear to be a matter of chance; rather, they seem to be well-thought-out plans to break the backbone of target countries by destroying their economies, reported Geo-politik.