Science

Hackers linked to Chinese government STOLE $20 million in Covid relief benefits from 12 states

Hackers associated with the Chinese government STOLE at least $20 million in Covid relief benefits — including small business grants and unemployment benefits — from at least a dozen states

  • A hacking group called APT41 stole at least $20 million in Covid aid benefits from a dozen states, Secret Service revealed
  • The fraud started in mid-2020 and lasted for a year; it involved 2,000 accounts and more than 40,000 financial transactions
  • A Justice Department official told NBC News it was “dangerous,” and the Secret Service said more than 1,000 investigations into similar fraud are ongoing
  • It is unclear whether the Chinese government specifically directed the hacks or simply allowed them to take place without intervening

<!–

<!–

<!– <!–

<!–

<!–

<!–

Hackers associated with the Chinese government have stolen at least $20 million in US Covid relief benefits, including small business loans and unemployment funds, in more than a dozen states.

The cybercrime was the work of a hacking group called APT41 in Chengdu, according to the Secret Service.

Those officials and experts told the outlet that other federal probes of pandemic fraud also seem to point to hackers from foreign states. It wouldn’t be the first time that hackers associated with the Chinese government have caused security problems in other countries.

The fraud associated with APT41 took place in mid-2020 and involved 2,000 accounts with more than 40,000 financial transactions — and the agency has been able to recover about half of the stolen funds, according to the agency NBC news. Officials could not confirm whether the hackers still had access to state government networks after their discovery.

Hackers Associated With The Chinese Government Stole At Least $20 Million In Us Covid Relief Benefits, Including Small Business Loans And Unemployment Funds, In More Than A Dozen States

Hackers associated with the Chinese government stole at least $20 million in US Covid relief benefits, including small business loans and unemployment funds, in more than a dozen states

While it’s unclear whether the Chinese government specifically directed or merely authorized the hacks, U.S. security officials say the theft is a serious development with national security implications.

“It would be crazy to think that this group hadn’t targeted all 50 states,” Roy Dotson, national coordinator for pandemic fraud recovery for the Secret Service, who also serves as a liaison to other federal agencies investigating Covid-19, said. investigating fraud, to NBC News.

A senior Justice Department official told NBC News it was “dangerous,” and the Secret Service said there are more than 1,000 ongoing investigations of criminals committing fraud with public utility programs.

“Once you’re in these systems with the intent to proclaim the theft of personally identifiable information,” William Evanina, the former director of the National Counterintelligence and Security Center, part of the Office of the Director of National Intelligence, said. ‘you are in forever’, noting that there are many different systems that share interconnected domain names on a national or local level.

“Unless,” he added, “you break down the systems and replace everything.”

An analysis by the Heritage Foundation estimated that between April 2020 and May 2021 there was a total of $350 billion in unemployment benefits.

My analysis of Department of Labor data shows that between April 2020 and May 2021, UI programs shipped 1.365 billion weekly benefits checks, covering 100% of all unemployed — an optimistic target of the UI expansions — would only 807 million benefits need checks,” Rachel Greszler, a Heritage Foundation researcher, told the Senate during her testimony last year.

“So that’s a surplus of 557 million UI checks and $357 billion in taxpayers’ money that was sent to people – probably criminals – who weren’t out of work.”

The Cybercrime Was The Work Of A Hacking Group Called Apt41 In Chengdu, According To The Secret Service

The Cybercrime Was The Work Of A Hacking Group Called Apt41 In Chengdu, According To The Secret Service

The cybercrime was the work of a hacking group called APT41 in Chengdu, according to the Secret Service

Unfortunately, by the time Covid relief funds were disbursed, APT41 had become a prominent part of cyber-espionage operations that benefited the Chinese government, experts said.

ATP41 is also known by cybersecurity groups as Wicked Panda, Barium, and Winnti.

“Putting an unprecedented dollar value on unemployment benefits, making them available three times longer than normal, increasing eligibility, and reducing verification requirements not only made unemployment benefits misused by some individuals, but they also became a high value, easily accessible target for criminals,” Greszler said.

US officials warned at the start of the pandemic that hackers would use various phishing schemes to collect personal and financial information from unsuspecting victims.

HOW TO CHECK IF YOUR EMAIL ADDRESS HAS BEEN COMPRODATE

Am I Pwned?

Tory Hunt, cybersecurity expert and regional director of Microsoft, walks “Am I Pwned”.

On the website, you can check if your email has been compromised as part of any of the data breaches that have occurred.

If your email address appears, you must change your password.

Pwned passwords

To check if your password might have been exposed to a previous data breach, go to the site’s homepage and enter your email address.

The search function will compare it to the details of historical data breaches that have made this information publicly visible.

If your password does show up, you’re probably at greater risk of being exposed to hacking attacks, fraud, and other cybercrime.

Mr. Hunt built the site to help people check whether or not the password they want to use is on a list of known breached passwords.

The site does not store your password alongside any personally identifiable information and each password is encrypted

Other safety tips

Hunt offers three easy-to-follow steps for better online security. First, he recommends using a password manager, such as 1Password, to create and store unique passwords for each service you use.

Then enable two-factor authentication. Finally, stay on top of any breaches

Show More

Jacky

The author of what'snew2day.com is dedicated to keeping you up-to-date on the latest news and information.

Related Articles

Back to top button