On Wednesday, the United States government announced allegations against 5 alleged members of a Chinese state-supported hacking group and 2 Malaysian cybercriminals who are reported to have hacked more than 100 companies globally.
Dubbed APT41 and also known as ‘Barium,’ ‘Winnti,’ ‘Wicked Panda,’ and ‘Wicked Spider,’ the cyber-intelligence group has been working since at least 2012 and, in addition to being involved in premeditated espionage against important targets in many sectors, is also behind commercially driven attacks against the online gaming industry.
“FU has been working closely with JIANG since at least 2008, and worked with JIANG at multiple internet and video game related companies. FU has been working with QIAN and JIANG together since at least 2013. Before joining CHENGDU 404, FU described himself as a skilled programmer and developer,” the court documents say.
As previously disclosed in numerous reports, the APT41 group specializes in software supply-chain attacks, in which attackers steal proprietary “source code, software code signing certificates, customer account data, and valuable business information,” and distribute digitally signed malicious versions of the software to infect systems at targeted organizations.
The court documents suggest that in some cases where the targeted systems didn’t hold any valuable information, the perpetrators also used ransomware and crypto-jacking malware to make their efforts financially viable.
“The defendants also compromised foreign government computer networks in India and Vietnam, and targeted, but did not compromise, government computer networks in the United Kingdom,” the press release says.