Chinese government-backed hackers stole at least $20 million from US Covid-19 relief funds, officials in Washington believe. Security researchers told Tech Monitor that other countries such as the UK are likely to have suffered similar attacks.
A Chinese APT group known as APT41 is behind a raid in which at least $20 million was stolen, a US Secret Service spokesman told NBC.
The theft was discovered as part of a broader investigation into pandemic funding fraud conducted by the U.S. Secret Service, which announced Friday it had recovered $286 million in Covid-19 relief funds.
Covid-19 relief funds targeted by Chinese hackers APT41
APT41 is believed to have targeted Small Business Administration loans designed to help businesses survive the pandemic, as well as unemployment insurance funds in more than a dozen US states.
The United States is the first country to report that its pandemic funds have been targeted by international hackers, but others are likely to follow, said Allan Liska, head of cybersecurity at security firm Recorded Future.
“A lot of money was sent, but it was not very monitored in many countries,” says Liska. “Both cybercriminals and current state actors have been able to take advantage of it to redirect funds.”
In February, the UK government said it had lost up to £16bn to ‘fraud and errors’ in its Covid-19 lending scheme. The likelihood that some of this lost cash was stolen by cybercriminals is high, says Liska. “This is similar to what nation-state hackers, especially those in countries like North Korea, get involved in to steal funds,” he says. “We haven’t seen any evidence yet.”
Hackers could easily have used stolen data from the dark web to spoof applications to either scheme, adds Liska. “Even if the government had good cybersecurity practices in place, it would be highly unlikely that he would fake a Covid application using someone else’s name because there are so many stolen credentials available on the underground market. It’s easy,” he says.
What is APT41?
Over the past seven years, APT41, also known as BARIUM, has targeted countries in Europe, Southeast Asia, and the United States. A report from security firm SOCRadar found that the group's attacks targeted political, economic and military organizations.
In 2020, the FBI released an international “Most Wanted” poster showing the faces of four indicted members of the group. They were charged with extortion, money laundering, fraud, identity theft, and access device fraud.
These charges result from hacking activities carried out while they were employed by Chengdu 404 Network Technology Company. According to the poster, “Defendants allegedly launched supply chain attacks targeting hundreds of companies in Australia, Brazil, Germany, India, Japan and Sweden to gain unauthorized access to networks worldwide.”
The U.S. Secret Service revealed to NBC that it has over 1,000 ongoing investigations involving cross-border criminals involved in benefit fraud, and that APT41 is a major player in the field.