US Offers $10 Million Reward for Chinese Hacker in Global Cybercrime Case

Washington: The United States has announced a $10 million reward for information leading to the arrest of Guan Tianfeng, a 30-year-old Chinese national accused of hacking computer firewalls and stealing sensitive data. Guan, who is believed to reside in China’s Sichuan Province, has been charged with conspiracy to commit computer fraud and wire fraud, according to an indictment unsealed on Tuesday.

Exploiting Firewall Vulnerabilities

Guan and his co-conspirators, associated with Sichuan Silence Information Technology Co. Ltd., allegedly exploited a vulnerability in firewalls developed by UK-based cybersecurity firm Sophos Ltd. The cyberattacks, which began in April 2020, targeted approximately 81,000 firewall devices worldwide, including over 23,000 in the United States. Among the victims were 36 critical infrastructure companies.

The attackers deployed malware to steal usernames, passwords, and other sensitive information, and attempted to infect computers with ransomware.

“The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world,” Deputy Attorney General Lisa Monaco stated.

Rapid Response Prevented Greater Damage

The FBI credited Sophos for identifying and responding to the vulnerability swiftly, limiting the damage caused by the attack. FBI agent Herbert Stapleton noted that the zero-day vulnerability could have resulted in even more severe consequences without Sophos’ prompt action.

Sanctions and Connections

The U.S. Treasury Department imposed sanctions on Sichuan Silence Information Technology Co. Ltd., the firm where Guan worked. The indictment alleges that Sichuan Silence sold its hacking services and stolen data to Chinese businesses and government entities, including the Ministry of Public Security.

This case highlights the growing concern over state-linked cyberattacks targeting global infrastructure and data systems. The $10 million reward underscores the U.S. government’s commitment to countering cybercrime and holding perpetrators accountable.