U.S. prosecutors have indicted five Chinese nationals for their involvement in a wide-ranging cybercrime campaign that includes cryptocurrency mining malware attacks.
The indictments, unveiled Wednesday, centers around "computer intrusions affecting over 100 victim companies in the United States and abroad." Victims include government institutions, software companies, computing and telecom companies and "pro-democracy politicians and activists in Hong Kong" among many others. Two additional individuals were charged, per the Department of Justice statement.
As the Department of Justice further noted:
"The intrusions, which security researchers have tracked using the threat labels “APT41,” “Barium,” “Winnti,” “Wicked Panda,” and “Wicked Spider,” facilitated the theft of source code, software code signing certificates, customer account data, and valuable business information. These intrusions also facilitated the defendants’ other criminal schemes, including ransomware and “crypto-jacking” schemes, the latter of which refers to the group’s unauthorized use of victim computers to “mine” cryptocurrency."
The term "crypto-jacking" refers to the malicious deployment of code that hijacks a computer's processing power and uses it to surreptitiously mine cryptocurrency — usually without the owner being aware. The risk of crypto-jacking has prompted technology companies to work on solutions in a bid to avert the risk of a computer becoming compromised in this fashion.
Today's indictment represents a rare occurrence in which entities behind crypto-jacking are being prosecuted for their actions, though it is only a subset of the crimes alleged in the indictments. Last year, two Romanian citizens were indicted for alleged crypto-jacking activities, as reported at the time.