Tens of millions of dollars worth of US Covid relief benefits have allegedly been stolen by Chinese hacking team APT41
US officials have reportedly confirmed that Chinese government-linked hackers have stolen at least $20m in US Coronavirus relief funds.
The US Secret Service told CNN on Monday of the theft, which is the first time the US agency has connected Covid-19 fraud to hackers affiliated with a foreign government.
The Secret Service reportedly blamed the hacking group APT41 for the theft. The Chinese government-linked hackers have for years conducted espionage on behalf of the Chinese government while also dabbling in self-enrichment schemes.
CNN reported that it is not clear at this stage whether APT41 conducted the theft for personal gain or if they were operating on behalf of Beijing.
CNN requested comment from the Chinese Embassy in Washington, DC.
News of the hack of Covid relief funds was first reported by NBC News.
It seems APT41 raided unemployment insurance funds and Small Business Administration loan money in more than a dozen US states, Secret Service spokesperson Justine Whelan told CNN.
APT41 is one of the most effective hacking teams backed by the Chinese government. FireEye warned in August 2019 that APT41, besides carrying out traditional state-sponsored hacking, also dabbles in cyber crime operations for cash. It said that members of APT41 carried out state-sponsored espionage activity in parallel with financially motivated operations.
US prosecutors have accused APT41 of working on behalf of China’s civilian intelligence agency, the Ministry of State Security. Indeed, a 2020 Justice Department indictment alleged that APT41 operatives were part of hacking schemes that targeted pro-democracy politicians in Hong Kong and breached over 100 companies in the US and abroad.
“Of the more than 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, APT41 has emerged a notable player,” Roy Dotson, the Secret Service’s national pandemic fraud recovery coordinator, was quoted by CNN as saying in a statement.
But the $20 million in Covid-19 relief support is just a fraction of pandemic relief money stolen from US government coffers by a broad range of criminal groups, CNN noted.
The Secret Service reportedly said it has seized over $1.4 billion in ill-gotten funds since 2020. To get a grip on the problem, the agency tapped Dotson to work with law enforcement agencies across the country to recover stolen funds.
The APT41 hackers have reportedly had their sights on US state governments for some time.
The group went on a hacking spree against US state agencies in 2021 and 2022, breaking into computers at government agencies in at least six US states, cybersecurity firm Mandiant was quoted by CNN as saying in March.
“APT41 is essentially a criminal enterprise that moonlights on behalf of an intelligence service,” John Hultquist, Mandiant’s vice president of intelligence analysis, told CNN.
“If this is criminal activity targeting government agencies in the United States, it’s a bit of an escalation” for APT41, Hultquist said, adding that it was unusual for the group to cash out on such a high-profile target.
In July the heads of the FBI and the UK’s MI5 for the first time shared a public platform in London, and warned about the ‘immense’ threat posed by the Chinese government’s espionage operations.
The warning came during a meeting with UK business leaders, and the two heads warned that the Chinese government was set on stealing their technology for competitive gain.
It should be noted that Beijing routinely denies such allegations while accusing the US government of targeting China with hacks.