Chinese government-linked hackers swiped at least $20 million in COVID relief funds from the US government, according to the feds.
The stolen taxpayer dollars came from Small Business Association loans and unemployment insurance funds from more than a dozen states, the Secret Service told NBC News. Half of the ill-gotten cash has been recovered.
APT41, a state-sponsored hacker group in the southwestern city of Chengdu, is believed to be behind the attack, the outlet reported.
“It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, the national pandemic fraud recovery coordinator for the Secret Service, told NBC.
The agency describe APT41 as “Chinese state-sponsored, cyber threat group that is highly adept at conducting espionage missions and financial crimes for personal gain.”
Five of its members have been indicted by federal prosecutors, but they have not been extradited to the US.
The Secret Service said it is investigating more than 1,000 possible instances of both foreign and domestic criminals stealing public benefits.
“I’ve never seen them target government money before,” John Hultquist, head of intelligence analysis at cybersecurity firm Mandiant, said of the Chinese government. “That would be an escalation.”
The US has previously said Chinese hackers were responsible for the data breaches of Equifax and the Anthem Health.