The US security service confirms that Chinese hackers stole at least $20 million in US Covid benefits. However, NBC News rang the bell earlier this week and reported that a Chinese hacking team had managed to crack a US fund with corona benefits.
The US Secret Service has since confirmed the report to the Reuters news agency without revealing additional details. According to the NBC News report, approved by the security service, those responsible for the theft are the Chinese hacker collective APT41, also known as Winnti.
APT41, based in Chengdu, is a particularly active group of cybercriminals who, according to experts, are partly supported by the (Chinese) government to steal specific data but which also have clear financial motives. According to the US security service, this case concerns the theft of “tens of millions of dollars”. In addition, it involves money set aside since 2020 for support measures by the US government around Covid-19. This concerns money earmarked for loans to small businesses and additional unemployment benefits in more than a dozen states.
A remarkable theft, especially since APT41 is quite visible and has been on the American radar for a long time. Moreover, several members of the hacker group were still indicted by the US Department of Justice in 2019 and 2020 for spying on over 100 companies, including software development companies, telecommunications providers, social media companies and video game developers.
The Chinese embassy in Washington stated that China always has “strongly opposed cyber theft and has taken firm action against all forms of hacking.” According to the statement, China opposes the “unfounded allegations” regarding cyber security.
This is the first case of fraud by foreign state-sponsored cybercriminals in response to the pandemic that the US government is now publicly acknowledging. However, in the US, various experts from the cybersecurity and legal world are convinced that this is just the tip of the iceberg. The US intelligence agency would not confirm other similar investigations into “pandemic fraud” but told NBC that there are more than 1,000 investigations into international and domestic criminal actors who defraud public benefit programs and that APT41 is “a key player.”