According to an indictment unsealed Mon inwards federal courtroom inwards Pittsburgh, Pennsylvania, the 3 men worked for a Chinese cybersecurity company, Guangzhou Bo Yu Information Technology Company Limited (Boyusec), previously linked to China's Ministry of State Security.
Earlier this year, safety researchers also linked Boyusec to i of the active Chinese government-sponsored espionage groups, called Advanced Persistent Threat 3 (or APT3), which is also known every 2d Gothic Panda, UPS Team, Buckeye, as well as TG-0110.
In 2013, APT3 allegedly stole the blueprints for ASIO's novel Canberra edifice using a slice of malware that was uploaded to an ASIO employee's laptop.
According to the indictment, the 3 Chinese nationals—identified every 2d Wu Yingzhuo, Dong Hao, as well as Xia Lei—launched "coordinated as well as unauthorized" cyber attacks betwixt 2011 as well as 2017, as well as successfully pocket information from a position out of organizations yesteryear compromising their accounts.
The trio of hackers has alleged to convey attacked Moody's Analytics, Siemens, as well as Trimble yesteryear sending spear-phishing emails alongside malicious attachments or links to malware.
The men also used customized tools collectively known every 2d the 'ups' or 'exeproxy' malware to gain unauthorized, persistent access to the targeted companies' networks, allowing them to search for as well as pocket confidential trouble concern information as well as user credentials.
"The principal destination of the co-conspirators’ unauthorized access to victim computers was to search for, identify, copy, package, as well as pocket information from those computers, including confidential trouble concern as well as commercial information, travel product, as well as sensitive victim employee information, such every 2d usernames as well as passwords that could hold upward used to extend unauthorized access inside the victim systems," the DOJ said.
The around affected i of the 3 companies was information technology giant Siemens. According to the indictment, the defendants:
- Stole unopen to 407 gigabytes of information from Siemens' energy, technology as well as shipping businesses inwards 2014.
- Hacked into Trimble's network as well as stole at to the lowest degree 275 megabytes of data, including merchandise secrets related to global navigation satellite systems technology the companionship spent millions of dollars developing, inwards 2015 as well as 2016.
- Accessed an internal e-mail server at Moody's inwards 2011 as well as forwarded the trouble concern human relationship of an unidentified "prominent employee" to their ain accounts, as well as eventually accessing the confidential messages sent to that trouble concern human relationship until 2014.
According to the DoJ, both Wu as well as Dong were co-founders as well as shareholders of Boyusec, spell Lei was an employee. All the 3 defendants were residents of Guangzhou.
The Chinese men convey been charged alongside a sum of 8 counts, including i accuse of committing estimator fraud as well as abuse, ii charges of committing merchandise subway theft, 3 counts of wire fraud as well as 4 to 8 counts of aggravated identity theft.
If establish guilty inwards the courtroom of law, the hackers appear upward a maximum judgement of 42 years inwards prison.
Share This :
comment 0 Comments
more_vert