Federal prosecutors in Brooklyn have announced the indictment of seven members of a Chinese state-run hacking operation, known as Advanced Persistent Threat 31, for their years-long cyber espionage and intelligence operation targeting U.S. politicians, government officials, and private companies.
The hackers, based in Wuhan since 2010, sent tens of thousands of phishing e-mails to government and political officials in the U.S., posing as prominent American journalists. These e-mails contained tracking links that, when opened, sent location, device, and network data back to the hackers’ server.
The group then used this information to target home routers and electronic devices, according to the indictment. The targets included White House officials, officials from various government departments, senators from both parties, defense contractors, political strategists, commentators, and advocates.
In addition to targeting U.S. officials, the hackers went after dissidents critical of the Chinese government and their supporters. They used custom malware and “zero-day exploits” to hack into the computers of private companies, including defense contractors, telecommunications firms, law offices, and a New York-based apparel company.
The indictment alleges that the hackers’ activities were often in response to world events, such as U.S. tariffs on imported steel and nominations of members of the Hong Kong democracy movement for a Nobel Peace Prize.
The seven defendants, all living in China, have been charged with conspiracy to commit computer intrusions and conspiracy to commit wire fraud. The indictment serves as a reminder of the lengths to which the Chinese government is willing to go to target and intimidate its critics, according to Attorney General Merrick Garland.