On Monday, U.S. Secret Service officials confirmed an exclusive report that claimed Chinese Communist Party-affiliated hackers had stolen over $20 million in COVID pandemic relief cash.
When asked for comment, Secret Service officials confirmed NBC News’s statement. Nevertheless, unnamed U.S. law enforcement personnel and cybersecurity professionals claim that the pandemic fraud incident is the first publicly known example of theft related to foreign and state-sponsored criminals.
Authorities have labeled the group accused of hacking as APT41, calling it a “Chinese state-sponsored, cyber threat outfit that is exceptionally competent at undertaking espionage operations and financial crimes for personal advantage,” with its headquarters in Chengdu, Sichuan province.
It is believed that APT41 (also known as Winnti, Barium, and Wicked Panda) started stealing COVID relief funds from around 2,000 accounts in the middle of 2021. These accounts were linked to over 40,000 financial transactions, some of which involved Small Business Administration loans and unemployment insurance funds from at least a dozen states.
NBC cited Secret Service national pandemic fraud recovery coordinator Roy Dotson as stating, “it’s inconceivable to assume this gang didn’t target all 50 states.”
Since 2020, the Paycheck Protection Program and unemployment insurance have been under fire for allegedly misusing billions in pandemic relief funds.
According to an August 2015 article in The Hill, the Secret Service has managed to retrieve $286 million in stolen pandemic relief funds.
Justice Department officials have reportedly told NBC News that group members not only respond to reports of software security weaknesses but also utilize their hacking talents to launch attacks on individuals, companies, and even countries. In addition to spying for the Chinese government, they gather information and data from American residents, government institutions, and corporations.
For the United States, APT41 poses “severe national security ramifications,” as a senior Justice Department official stated.
Mandiant’s principal intelligence analyst, John Hultquist, has established formal partnerships with more than seventy-five municipalities and state governments. To him, approaching the government for financial support would be an “escalation” for the organization.
An FBI agent once remarked, “with the internet and the black web, it’s borderless,” explaining why the bureau “would never” be able to prosecute and identify Chinese hackers.
More than a thousand fresh investigations have been opened, officials said, targeting foreign and domestic offenders who are accused of wasting public cash.
The Chinese Embassy in Washington has repeatedly asked for a response but has received no answer.