US and UK Crack Down on Chinese Hacking Group APT31, Impose Sanctions

The United States and Britain have taken legal action and imposed penalties on a company and individuals associated with a Chinese state-supported hacking group called APT31, accusing them of conducting extensive cyber espionage.

APT31, also known as Zirconium, is allegedly linked to China's Ministry of State Security and has targeted millions of individuals over more than ten years, primarily in the U.S. and Britain. Targets included government officials, lawmakers, activists, academics, journalists, and various businesses, from defense contractors to a U.S. smartphone manufacturer.

China's foreign ministry spokesperson, Lin Jian, criticized the U.S. and British actions, urging them to cease politicizing cybersecurity matters and refrain from maligning China, imposing unilateral sanctions, and conducting cyber attacks against China.

What is APT31?
APT31, or Advanced Persistent Threat Group 31, comprises Chinese state-sponsored intelligence officers, contract hackers, and associated personnel engaged in hacking activities and malicious cyber operations, according to the U.S. Treasury Department.

Operating under the guise of a front company called Wuhan Xiaoruizhi Science and Technology Company (Wuhan XRZ), APT31 allegedly functioned from 2010 until January 2024. It's purportedly linked to China's Ministry of State Security in Hubei province.

In a separate development, New Zealand authorities claimed that another state-supported Chinese hacking group, APT40, was responsible for hacking its parliament in 2021.

Activities of APT31:
APT31, along with Chinese security authorities, reportedly targeted thousands of U.S. and foreign politicians, foreign policy experts, and others to fulfill China's foreign intelligence and economic espionage goals. Targets included individuals in the White House, State Department, and officials' spouses.

The hacking activities allegedly related to geopolitical events affecting China, such as economic tensions with the U.S., disputes over maritime claims in the South China Sea, and the 2019 Hong Kong pro-democracy protests and subsequent crackdown.

The U.S. indictment claims the conspiracy involved over 10,000 malicious emails sent across multiple continents as part of a widespread global hacking operation supported by Beijing. Objectives included suppressing Beijing critics, infiltrating government institutions, and stealing trade secrets.

Penalties and Sanctions:
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned Wuhan XRZ and seven Chinese individuals on March 25, including Ni Gaobin and Zhao Guangzong.

The British government also imposed sanctions on Wuhan XRZ and the two aforementioned individuals. British authorities accused them of being behind a 2021 email hack targeting the Inter-Parliamentary Alliance on China (IPAC) and a cyber-attack on Britain's Electoral Commission between 2021 and 2022.

Information on Sanctioned Individuals:
The seven individuals indicted in the U.S., aged between 34 and 38, are accused of engaging in hacking activities in support of China's foreign intelligence and economic espionage objectives.

Wuhan XRZ, officially described as a technology development and consulting firm, is registered on China's Qichacha company information database. It operates with fewer than 50 employees and is situated in a technology development zone in Wuhan.

The British government stated that Wuhan XRZ and APT31 were responsible for or supported cyber activities on behalf of the Chinese state. The current legal owner, Wang Hongye, took over the firm in late 2023. Wuhan XRZ was founded in 2010 with a registered capital of 250,000 yuan.

The U.S. authorities have offered rewards of up to $10 million for information on the hackers. Ni, a 38-year-old Chinese citizen, was singled out for targeting Hong Kong democracy activists, lawmakers, and members of the Uyghur minority group through spear-phishing campaigns and interference in information systems.
