U.S. indicts three Chinese nationals for committing large-scale identity theft

Phillip Cunningham
November 29, 2017

The three alleged hackers live in China, and it's unclear if they'll ever appear in USA court.

He said, "These conspirators masked their criminal conspiracy by exploiting unwitting computers, called "hop points", conducting "spearphish" email campaigns to gain unauthorised access to corporate computers, and deploying malicious code to infiltrate the victim computer networks".

The three, said to run a cyber security firm in China, targeted Moody's Analytics, Siemens and Global Positioning System maker Trimble, the indictment says. The hackers are also accused of stealing 407 gigabytes of data from Siemens' network in 2015, as well as information on Trimble products created to improve the location-tracking abilities of mobile devices "in a cost-effective way".

But the indictment charges Xia with accessing Moody's email server in August 2011 and creating a rule that forwarded all emails for an influential economist employed by the firm to another, fraudulent email account.

Monday's indictment is the first filed by the U.S. since Chinese President Xi Jinping and then-U.S. President Barack Obama reached an agreement in 2015 that their governments wouldn't direct or support hacking for commercial purposes.

"Once again, the Justice Department and the Federal Bureau of Investigation have demonstrated that hackers around the world who are seeking to steal our companies' most sensitive and valuable information can and will be exposed and held accountable", Acting Assistant Attorney General for National Security Dana Boente said in a statement announcing the charges Monday afternoon.


The Justice Department said in a statement the stolen data included information related to the housing, finance, energy, technology, transportation, construction, land survey, and agricultural sectors. "In 2013 and 2014, defendant Xia regularly accessed those web-based email accounts to access the employee's stolen emails, which contained proprietary and confidential economic analyses, findings and opinions", the indictment says.

Wu used the cyber handle "mxmtmw", "Christ Wu", and "wyz".

Xi, a Boyusec employee, also lives in Guangzhou.

"One thing to watch is how the Chinese government reacts", Lewis said. Mr. Zandi declined to comment and referred questions Monday to a Moody's spokesman, who declined to comment on its economist.

Cyber attacks have been a bone of contention between the U.S. and China for some years.

Security researchers say attacks attributed to Boyusec have been seen at least through September.

Other reports by

Discuss This Article

FOLLOW OUR NEWSPAPER