The US Secret Service confirmed reports from NBC News that hackers based in China successfully stole tens of millions in COVID relief money.
Small Business Administration loans and unemployment insurance funds in at least 12 states have reportedly fallen victim to cybercrime groups known as APT41 or Winnti.
While the Security Service has not provided any additional details about this incidence, the US Justice Department indicted members of this group in 2019 and 2020 for allegedly spying on over 100 businesses.
The same group are also believed to have targeted a range of organisations across the world, as well as hacking firms in the political space in Hong Kong.
At the time of these previous attacks, then Deputy Attorney General Jeffrey A Rosen said: “Regrettably, the Chinese communist party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China.”
The Secret Service says they are currently working on more than 1,000 possible cases of criminal agents attempting to commit fraud to gain public benefits. The Chinese Embassy in Washington has not commented on these allegations.
It is not clear if the hacking group APT41 carried out these cyberattacks on their own or at the request of the Chinese government. However, the fact that this high-level form of cyberattack was possible is a clear sign that APT41 is well-resourced and not afraid of targeting government agencies.
This case is just one of many where cybercriminals have cheated the system to received payment from pandemic-related funds. Up to around 20% of pandemic unemployment funds may have been lost to fraud, according to Labor Department Office of Inspector General.