China-backed hackers stole at least $20 million worth of U.S. COVID-19 relief benefits in the last two years, according to the Secret Service.
Cybercriminal group APT41, also known as Winnti, conducted a mix of government-backed cyber intrusions and financially motivated data breaches during which the group stole monies intended for Americans put out of work by COVID-19 related measures, according to a report first published by NBC.
A spokesperson for the Secret Service confirmed the veracity of the report in an email, but declined to provide further details on the case.
Several members of APT41 were previously indicted between 2019 and 2020 for their role in spying on over 100 companies in the fields of software development, telecommunications, social media, and video games.
Likewise, hackers from APT41 have also penetrated the online systems of at least six U.S. state governments, conducted disinformation campaigns to affect the outcome of U.S. elections, and illicitly intercepted text messages and call records of major U.S. telecommunications firms.
It is currently unclear to what extent the CCP directed the group to pilfer the U.S. monies, or how much pandemic relief was ultimately obtained through the fraud and theft. Most estimate say that around $400 billion in pandemic relief was stolen by cyber criminals, many of them based in adversarial nations, including China and Russia.
APT41’s thefts involved more than 2,000 fraudulent accounts that conducted 40,000 transactions. Of the $20 million they stole, the Secret Service has recovered about half.
The admission by the Secret Service that APT41 was behind a string of such thefts is notable as it is the first time in which the U.S. government has publicly acknowledged pandemic fraud was committed by cybercriminals linked to a state sponsor.
Rep. Mike Gallagher (R-Wis.) responded to the report, saying that the incident provided further evidence of malign activity by the CCP, which is already known to be engaged in a wide ranging campaign of espionage in the United States.
“This new evidence makes clear that CCP hackers have defrauded U.S. government programs and stolen money from the American taxpayer,” Gallagher said in a statement. “Even worse, this is neither the first nor the last time Chinese hackers will target U.S. institutions.”
“When the Republicans are in the majority next Congress, we must properly investigate the theft of COVID benefits, which experts are calling the largest case of fraud carried out against the United States in American history.”