The U.S. Secret Service accused a group of hackers previously linked to the Chinese government of stealing at least $20 million from the U.S. government’s COVID-19 relief funds.
The hacking group, known as APT41, stole unemployment insurance funds and Small Business Administration loan money in over a dozen U.S. states, according to Secret Service spokesperson Justine Whelan.
The Secret Service’s national pandemic fraud recovery coordinator Roy Dotson noted the group has surfaced as a “notable player” in over “1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs.”
Cybersecurity firm Mandiant revealed in March that APT41 successfully broke into computers at government agencies in at least six U.S. states in 2021 and 2022. Rufus Brown, the senior threat analyst at Mandiant’s Advanced Practices team, told CNN at the time that the hackers’ “campaign is likely still going on” as they “probably haven’t completed their mission.”
A daily dose of Asian America's essential stories, in under 5 minutes.
Get our collection of Asian America's most essential stories to your inbox daily for free.
Unsure? Check out our Newsletter Archive.
While U.S. prosecutors say APT41 has been working on behalf of China’s civilian intelligence agency, the Ministry of State Security, it remains unclear whether the stolen coronavirus relief funds were done on behalf of Beijing.
Investigators said the group has conducted espionage on behalf of the Chinese government for years, while also participating in theft for their own gain.
In 2020, the U.S. Justice Department accused APT41 operatives of participating in hacking activities that targeted pro-democracy politicians in Hong Kong and breached over 100 companies in the US and different parts of the world.
Dotson has been working with law enforcement agencies across the country in the last two years to recover the funds and has successfully seized over $1.4 billion in ill-gotten funds so far.