Exposed: 12 Chinese Nationals Charged in Massive State-Backed Cyber Espionage Campaign

# US Charges 12 Chinese Nationals in Global Hacking and Surveillance Operation

The U.S. Department of Justice has filed charges against 12 Chinese nationals for orchestrating a sophisticated cyber espionage campaign aimed at data theft and suppressing dissent worldwide. The accused include two officers from China’s Ministry of Public Security (MPS), eight employees of the private firm i-Soon (Anxun Information Technology), and two members of the hacking group APT27.

## The Accused Individuals

The defendants include i-Soon’s leadership team—CEO Wu Haibo, COO Chen Cheng, and Sales Director Wang Zhe—along with technical staff Ma Li, Wang Yan, Xu Liang, Zhou Weiwei, and Wang Liyu. Also charged are MPS officers Sheng Jing and Yin Kecheng, plus APT27 actors Zhou Shuai (known as “YKC”) and an individual codenamed “Coldface.”

## State-Sponsored Hacking Network

Court documents reveal that China’s MPS and Ministry of State Security (MSS) employed private contractors to conduct cyber intrusions while concealing government involvement. The FBI has linked i-Soon’s activities to threat groups known as Aquatic Panda (RedHotel), while noting APT27’s connections to Silk Typhoon and other known threat actors.

## Lucrative Criminal Enterprise

The operation generated tens of millions of dollars in revenue, with i-Soon charging between $10,000 and $75,000 per compromised email inbox. The company conducted intrusions both at the direction of Chinese intelligence agencies and independently, later selling stolen data to at least 43 different bureaus across 31 Chinese provinces.

## High-Profile Targets

Victims included:
– U.S. religious organizations
– Government critics and dissidents
– A U.S. state legislative body
– Federal government agencies
– Foreign affairs ministries across Asia
– News organizations

## Advanced Hacking Tools

i-Soon marketed sophisticated cyber weapons including:
– An “Automated Penetration Testing Platform” for phishing and remote access
– The “Divine Mathematician Password Cracking Platform”
– Software capable of bypassing multi-factor authentication on social media platforms
– A “Public Opinion Guidance and Control Platform” for manipulating online discourse

The Justice Department has seized four domains linked to the operation and is offering rewards up to $10 million for information leading to the identification of those responsible, with additional $2 million rewards for information on specific defendants.

“The Chinese government tried to conceal its efforts by working through a private company,” said FBI Acting Assistant Director Leslie Backschies, “but their actions amount to years of state-sponsored hacking targeting organizations and dissidents worldwide.”

Keywords: cyber espionage, Chinese hackers, i-Soon hacking, APT27, state-sponsored hacking, data theft surveillance

Share This Article

Exposed: 12 Chinese Nationals Charged in Massive State-Backed Cyber Espionage Campaign

Related Articles

Urgent Alert: Booking.com Phishing Scam Uses “ClickFix” Trick to Deploy Dangerous Malware Against Hospitality Workers

Urgent Alert: Critical FreeType Vulnerability Actively Exploited in the Wild – What You Need to Know

Alert: Medusa Ransomware Strikes Over 300 U.S. Critical Infrastructure Organizations

Quick Links

Company

Get In Touch