US Charges Five Hackers from Chinese APT41 Hacker Group for Hacking More than 100 Firms Globally

The US government has charged five Chinese nationals with hacking more than 100 firms worldwide. The five are members of the hacking group tracked as APT41.

The group's victims were not limited to commercial firms: it also compromised social media and video game companies, universities, telecommunications providers, healthcare providers, non-profits, and think tanks.

APT41 stole intellectual property, client data, and proprietary source code from these victims. Beyond the US, the group also compromised foreign government computer systems in India and Vietnam, as well as pro-democracy legislators and activists in Hong Kong.

Five Chinese Nationals Indicted

According to the US Department of Justice, two of the APT41 members, Zhang Haoran and Tan Dailin, were identified and charged in August 2019 with hacking companies, social media platforms, video game platforms, and other targets.

The other three members, Jiang Lizhi, Qian Chuan, and Fu Qiang, were identified in a separate investigation and charged with most of the APT41 intrusions. All five have now been charged as members of APT41, and all five have been added to the FBI's Cyber Most Wanted list.

The three worked for Chengdu 404 Network Technology, a front company that operated under the close supervision of PRC officials.

Court documents also revealed that US officials obtained online chats between Jiang and other Chinese hackers. In those conversations, Jiang boasted of knowing, and working under the protection of, a high-ranking official in China's Ministry of Public Security (Gong An).

Targeted vulnerabilities

The indictments name six vulnerabilities that the group exploited most often, all of them in internet-facing appliances and servers:

  • CVE-2019-19781 (Citrix ADC and Gateway directory traversal)
  • CVE-2019-11510 (Pulse Secure VPN arbitrary file read)
  • CVE-2019-16920 (D-Link router remote code execution)
  • CVE-2019-16278 (Nostromo nhttpd directory traversal)
  • CVE-2019-1652/CVE-2019-1653 (Cisco RV320/RV325 router command injection and configuration disclosure)
  • CVE-2020-10189 (Zoho ManageEngine Desktop Central deserialization)

Defenders who run any of these products should confirm the vendor patches are applied and review web and VPN access logs from before patching for exploitation attempts, since several of these flaws were exploited within days of disclosure.
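The following Python script is an added example, not code from the article or from any of the vendors involved. It hunts in web-server access logs for the publicly documented exploit request paths of the web-facing CVEs listed above (the D-Link and Cisco command-injection bugs are excluded because their exploitation does not leave a single distinctive URL). It URL-decodes each request target before matching, so percent-encoded or double-encoded traversal sequences are still caught, and it flags attempts regardless of response status, since a 404 still records who probed the host. The sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request-path patterns for the web-facing CVEs named in the indictment.
# These are the publicly documented exploit paths, matched after URL
# decoding so percent-encoded traversal sequences do not slip past.
SIGNATURES = {
    "CVE-2019-19781": ("Citrix ADC/Gateway", re.compile(r"\.\./vpns/|/vpns/.*\.\./")),
    "CVE-2019-11510": ("Pulse Secure VPN", re.compile(r"/dana-na/\.\./dana/")),
    "CVE-2019-16278": ("Nostromo nhttpd", re.compile(r"/\.\r\./")),   # '.%0d.' traversal
    "CVE-2019-1653":  ("Cisco RV320/RV325", re.compile(r"/cgi-bin/config\.exp")),
    "CVE-2020-10189": ("ManageEngine Desktop Central",
                       re.compile(r"/mdm/client/v1/mdmLogUploader")),
}

# Apache/nginx "combined" access-log line: client, timestamp, request line, status.
LOG_LINE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log (documentation-range IPs), not real traffic.
SAMPLE_LOG = [
    '203.0.113.10 - - [10/Sep/2020:12:00:01 +0000] "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1" 200 1234',
    '203.0.113.11 - - [10/Sep/2020:12:00:05 +0000] "GET /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1" 200 2048',
    '203.0.113.12 - - [10/Sep/2020:12:00:09 +0000] "GET /cgi-bin/config.exp HTTP/1.1" 200 5120',
    '203.0.113.13 - - [10/Sep/2020:12:00:12 +0000] "POST /.%0d./.%0d./.%0d./.%0d./bin/sh HTTP/1.0" 200 0',
    '203.0.113.14 - - [10/Sep/2020:12:00:15 +0000] "POST /mdm/client/v1/mdmLogUploader?udid=x&filename=logger.zip HTTP/1.1" 200 0',
    '198.51.100.7 - - [10/Sep/2020:12:00:20 +0000] "GET /vpn/index.html HTTP/1.1" 200 8192',
    '198.51.100.8 - - [10/Sep/2020:12:00:22 +0000] "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1" 200 4096',
    '203.0.113.15 - - [10/Sep/2020:12:00:25 +0000] "GET /vpn/%2e%2e/vpns/cfg/smb.conf HTTP/1.1" 404 0',
]


def decode_target(target, rounds=2):
    """URL-decode repeatedly (bounded) so double-encoded traversal is normalised."""
    for _ in range(rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def scan_log(lines):
    """Return one hit per log line whose decoded request target matches a signature."""
    hits = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue                       # not a combined-format line; skip
        target = decode_target(m["target"])
        for cve, (product, pattern) in SIGNATURES.items():
            if pattern.search(target):
                hits.append({
                    "cve": cve,
                    "product": product,
                    "client": m["client"],
                    "status": int(m["status"]),   # 404s are still attempts
                    "target": m["target"],        # keep the raw form for the ticket
                })
                break
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f'{hit["client"]} {hit["cve"]} ({hit["product"]}) '
              f'status={hit["status"]} {hit["target"]}')
```

A match is an indicator of an attempt, not proof of compromise; the next step is to check whether the response status and size are consistent with a successful read (for example a 200 with a body on the Citrix `smb.conf` or Pulse `/etc/passwd` request) and to pivot on the client address across the rest of the logs.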

US officials disrupt the third Chinese state-sponsored hacking group since 2017

This is the third Chinese state-sponsored hacking group that US officials have disrupted since 2017, and investigators assess that the individuals charged were part of APT41. Alongside the charges, the action included seizures of malware and other infrastructure the group used to administer its intrusions.

According to the Department of Justice, the action reflects the Department's determination to use all of the tools at its disposal and to collaborate with the private sector and with nations that support the rule of law in cyberspace.

Two Malaysian businessmen were also charged with conspiring with two of the APT41 members to profit from intrusions at video game companies. They were arrested on Monday, September 14, by Malaysian authorities in the city of Sitiawan.

Acting on a court warrant obtained at the beginning of this month, the FBI seized "hundreds of accounts, servers, domain names, and command-and-control (C2) 'dead drop' web pages" that APT41 had used in its past operations.

In a live stream, the FBI confirmed that the Bureau is pursuing the extradition of the two Malaysian businessmen to the US to face their charges.



BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.