Two Malaysian Men Arrested For Working With Chinese Hackers

The internet is a place where many find anonymity to express themselves in safe spaces or finding like-minded people across the world more easily, connecting people and creating opportunities. On the other hand, it created another means for nefarious plots by nameless, faceless people to come to fruition.

Which is why the United States Justice Department recently came out with charges against five Chinese nationals and two Malaysians for running global hacking operations. It is suspected that they ran this operation for over six years to steal identities and video game technology, plant ransomware as well as spy on Hong Kong activists.

The Group

Three of the Chinese perpetrators, Jiang Lizhi, Fu Qiang and Qian Chuan, operated out of Chengdu 404 Network Technology, a company based in the Sichuan province that purported to offer network security services for other businesses.

Instead of serving up the security that they advertised, they hacked the computers of hundreds of companies and organizers around the world including South Korea, Australia and Japan. They collected identities, hijacked systems for ransom and remotely use thousands of computers to mine for cryptocurrency like bitcoin.

The other two Chinese nationals, Zhang Haoran and Tan Dailin, who were coincidently ex-employees of Chengdu 404, alongside the two Malaysians Wong Ong Hua and Ling Yan Ching, were indicted for hacking into major gaming companies to steal their secrets and ‘gaming artifacts’.

They snuck in and plundered things like the tradable in-game chits and credits to resell them online and make a profit.

Like every good underground villain organisation, the seven, of course, were given a group name. Their infamy was recognised by cybersecurity expert and the collective is known by the moniker ‘APT41’, identified by their shared tools and techniques.

Affiliations

We never trust big brother and China is the biggest brother, which is why there were those who initially thought that the company was secretly run by the Chinese government.

In the indictment, however, there was no strong official connection that could be identified between the two. But according to court filings, Jiang Lizhi, one of the Chengdu 404 hackers, boasted to a colleague in 2012 that he was protected by China’s Ministry of State Security, and indicated they were protected if they did not hack domestically.

The US Deputy Attorney General Jeffrey Rosen has accused China of shielding these hackers for those same reasons allowing them sanctuary in the country. Big statements at a time where it seems like the two massive nations are constantly nipping at each other necks.

Hong Kong Protests

One of the reasons they are even pointing the finger at the Chinese government for the hacker’s actions is because of their suspected involvement in targeting the pro-democracy activists and students in Taiwan.

In the indictment, it was noted that in 2018, Chengdu 404 deployed a program to collect information on people involved in Hong Kong’s democracy movement, on a US media group reporting on the treatment of minority Uighurs in China’s Xinjiang region, and on a Tibetan Buddhist monk. However, there was no indication of how the information was used.

The seven face a wide array of charges including computer and wire fraud, identity theft, money laundering, and racketeering. The charges did not indicate any direct political motivations behind the hackers’ activities, though they did gain access to government computer systems in India and Vietnam.

The five Chinese remain at large safe in their own country for now but the two Malaysians were arrested in Malaysia on 14 September and the United States is seeking their extradition.

Source: AFP Relax News