One month later, it also targeted Chinese cybersecurity company Integrity Tech for its involvement in cyberattacks linked to the Chinese state-sponsored Flax Typhoon hacking group and sanctioned Yin Kecheng for his role in last year's breach of the Treasury Department's network.

The US Justice Department has charged Chinese state security officers along with APT27 and i-Soon hackers for network breaches and cyberattacks that have targeted victims globally since 2011. Today, the DOJ charged two MPS officers and eight employees of Anxun Information Technology (also known as i-Soon) with involvement in these attacks and seized the domain used by i-Soon to advertise its hacker-for-hire services.

China-based hackers Yin Kecheng (aka YKCAI) and Zhou Shuai (aka Coldface), linked to the state-backed APT27 hacking group, were also charged today for their involvement in this global hacking campaign. "These malicious cyber actors, acting as freelancers or as employees of i-Soon, conducted computer intrusions at the direction of the PRC's MPS and Ministry of State Security (MSS) and on their own initiative. While Yin and Zhou are both still at large, the Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned them, and the State Department announced rewards of up to $2 million for information leading to their arrests and convictions.

"As alleged in court documents, between August 2013 and December 2024, Yin, Zhou, and their co-conspirators exploited vulnerabilities in victim networks, conducted reconnaissance once inside those networks, and installed malware, such as PlugX malware, that provided persistent access," the DOJ said on Wednesday. Their victim list includes US federal and state government agencies, foreign ministries of multiple governments in Asia, U.S.-based dissidents, as well as a prominent religious organization in the United States.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 05 Mar 2025 17:26:07 +0000