Chinese state-backed hackers stole millions of US Covid relief money, Secret Service says

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Chinese state-backed hackers have stolen millions of relief funds in the US since the Covid-19 pandemic began, according to the US Secret Service.

The Chinese government-linked hacking group APT41 stole at least $20m in Covid relief benefits, including from unemployment insurance funds and small business administration loans in over a dozen US states since 2020, NBC reported.

While it is unclear if the hackers stole the funds for personal gain or on behalf of Beijing, cybersecurity experts say this could be the first instance of pandemic fraud linked to foreign, state-backed cybercriminals.

APT41 is known to launch hacking operations for both financial gain as well as old-fashioned espionage purposes, and has been under the FBI’s watch since before the pandemic.

In 2020, the US Justice Department indicted five members of the hacking group for targeting over 100 companies in the US and abroad.

In a statement, the US Secret Service called APT41 a “Chinese state-sponsored, cyberthreat group that is highly adept at conducting espionage missions and financial crimes for personal gain”.

The cybercriminal group has attacked several companies, including video game firms, computer manufacturers, and software development companies.

According to the FBI, they have conducted supply chain attacks to gain unauthorised access to networks throughout the world.

Over the last decade, they have targeted hundreds of companies, “representing a broad array of industries to include: social media, telecommunications, government, defense, education, and manufacturing”.

“These victims included companies in Australia, Brazil, Germany, India, Japan and Sweden,” the FBI noted.

They were also previously accused in 2020 of hacking foreign governments, politicians, think-tanks, universities, nonprofits, and civil society members in Hong Kong.

“Regrettably, the Chinese communist party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China,” then Deputy Attorney General Jeffrey A Rosen had said.

The hackers have also allegedly deployed ransomware attacks and demanded payments from victims.