The bad guys seize on every opportunity they can, and that apparently includes pandemic relief benefit programs. Can there be a better opportunity for a criminal than when the world is consumed with fear and chaos? As soon as state governments began disbursing Covid unemployment funds in 2022, cybercriminals began to hack off a significant percentage. APT41, a national Chinese hacker group based in the southwestern city of Chengdu, China, is one of those bad guys.
On December 7, 2020, a Secret Service spokesman announced that APT41 was responsible for stealing $20 million from the U.S. government COVID benefit programs. These funds were taken from both small business loans and unemployment relief.
Between May 2021 and February 2022, The China hacking group APT41 targeted and successfully breached at least six U.S. state networks, but investigations are ongoing in all states. “It would be crazy to think this group didn’t target all 50 states,” said Roy Dotson, the main national pandemic fraud recovery coordinator for the Secret Service. Is the correct word crazy Roy? How about foolish? Or maybe both, crazy and foolish.
APT41 is described as a Chinese state-sponsored, cyber threat group that is highly adept at conducting espionage missions and financial crimes for personal gain. Whether the Chinese government directed APT41 to take the US Taxpayers funds or simply looked the other way, is unknown. But it doesn’t take away how troubling this theft is.
The Secret Service declined to confirm the scoop of other investigations, saying that there are more than 1,000 ongoing investigations involving transnational and domestic cybercriminals defrauding public benefits programs, including APT41. It is the first time that APT41 is known to have targeted our government funds, however.
Great job by the Secret Service in their on going battle against cybercriminals.
Today’s Fraud of the Day is based on an article “Hackers linked to Chinese government stole millions in Covid benefits, Secret Service says” published by NBC News on December 5, 2022
Hackers linked to the Chinese government stole at least $20 million in U.S. Covid relief benefits, including Small Business Administration loans and unemployment insurance funds in over a dozen states, according to the Secret Service.
The theft of taxpayer funds by the Chengdu-based hacking group known as APT41 is the first instance of pandemic fraud tied to foreign, state-sponsored cybercriminals that the U.S. government has acknowledged publicly, but may just be the tip of the iceberg, according to U.S. law enforcement officials and cybersecurity experts.
The officials and experts, most speaking on the condition of anonymity because of the sensitivity of the subject matter, say other federal investigations of pandemic fraud also seem to point back to foreign state-affiliated hackers.