APT41 Sent US Covid Cash to China — Wicked Panda

Chinese hackers stole tens of millions of dollars from PPP, the federal Paycheck Protection Program. So say Secret Service sources.

APT41, a/k/a Winnti, Barium and Wicked Panda, is the group the feds have blamed. And it seems this is just the tip of a very deep, cold iceberg.

$20 million here, $20 million there. In today’s SB Blogwatch, pretty soon we’re talking serious money.

Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: C(arol)64.

Keep Your Storied Pomp — Give Me Your Money

What’s the craic? Christopher Bing reports—“Chinese hackers stole millions worth of U.S. COVID relief money”:

Hacking group
The Secret Service declined to provide any additional details but confirmed … the Chinese hacking team that is reportedly responsible is known within the security research community as APT41. [It] is a prolific cybercriminal group that had conducted a mix of government-backed cyber intrusions and financially motivated data breaches.

Several members of the hacking group were indicted in 2019 and 2020 by the U.S. Justice Department for spying on over 100 companies. … The Chinese embassy in Washington did not immediately respond to a request for comment.

Who broke the story? Sarah Fitzpatrick, Kit Ramgopal, Kevin Collier and Abigail Williams—“First pandemic fraud tied to foreign, state-sponsored cybercriminals that the U.S. government has acknowledged publicly”:

Serious national security implications
Hackers linked to the Chinese government stole at least $20 million in U.S. Covid relief benefits, including Small Business Administration loans and unemployment insurance funds in over a dozen states. … The theft of taxpayer funds by the Chengdu-based hacking group known as APT41 … may just be the tip of the iceberg.

Other federal investigations of pandemic fraud also seem to point back to foreign state-affiliated hackers. … The Secret Service [said] there are more than 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, and APT41 is “a notable player.” [It] fits the model and is considered a particularly prolific Chinese intelligence asset, known to commit financial crimes on the side.

The Covid fraud scheme … began in mid-2020 and spanned 2,000 accounts associated with more than 40,000 financial transactions. … Multiple current and former U.S. officials say the theft … is a troubling development that raises the stakes. One senior Justice Department official called it “dangerous” and said it had serious national security implications.

$20 million? A drop in the ocean, writes Lucas Ropek—“Foreign cybercriminals were among those who exploited America’s dysfunctional benefits programs”:

At least $20 billion in benefits have been stolen
Of course, China’s keyboard warriors aren’t the only ones to take advantage of America’s poorly watched welfare system. U.S. covid relief funds have been the subject of global fraud, totaling in the billions of dollars. … Weirdly limited oversight of America’s benefits distribution has made the system easy prey.

Cybercriminals and fraudsters have used a host of unsavory tactics (like stealing the social security numbers of dead people) to create fake profiles and file for illegitimate funds. In California alone, experts “conservatively” estimate that at least $20 billion in benefits have been stolen—including by a guy who boldly filed for funds using the name “Mr. Poopy Pants.”

Scatological trousers aside, s_p_oneil takes the argument to its illogical conclusion:

It’s also a drop in the bucket compared to how much covid relief money went to fraud committed by people/organizations in the US. These Chinese hackers were pathetic slackers compared to US scammers.

Such a cloudy story. u/WollCel finds the silver lining:

I know a lot of people who suddenly became barbers or nail techs during covid to apply for PPP. … A domestic theft of covid cash … was just people exploiting the government’s stupidity and using it to buy stuff within the US. That still achieved the goal of stimulating the domestic economy.

However, because of the lack of checks or virtually any oversight, tens of billions got moved overseas to nations with prominent scammer infrastructures, thus taking your taxes and stimulating non-domestic economies. In the end it turns out that when the government just offers people free money, everyone and their brother is going to find a way to exploit that system. Especially when there are almost no consequences.

How can you stop this? aec007 is shaken, not stirred: [You’re fired—Ed.]

You stop this by not taxing imports (which ultimately is paid by the taxpayer) but by restricting imports outright. That loss of market share will be filled by someone else.

However, Tailhook points the finger of blame closer to home:

Standard. Every one of these AmericanRescueTroubledAssetCovidInflationReliefPaycheckProtectionRecovery acts are an absolute field day for fraud and scammers. Why shouldn’t the Chinese and everyone else on the planet get a piece of our Banana Republic helicopter funny money cannon?

Let’s have a Crypto Recovery Act to re-inflate that squirming mass of copulating tapeworms!

Meanwhile, u/Honey_Overall suggests a painful alternative:

If they want $20 million that badly, I propose we give it to them. In pennies. Delivered in rolls. From a few C 130s at high altitude over Beijing.

And Finally:

O C64 Night

Hat tip: buffet_the_appetite_slayer



You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites … so you don’t have to. Hate mail may be directed to @RiCHi or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: Dimitar Donovski (via Unsplash; leveled and cropped)

Richi Jennings

Richi Jennings is a foolish independent industry analyst, editor, and content strategist. A former developer and marketer, he’s also written or edited for Computerworld, Microsoft, Cisco, Micro Focus, HashiCorp, Ferris Research, Osterman Research, Orthogonal Thinking, Native Trust, Elgan Media, Petri, Cyren, Agari, Webroot, HP, HPE, NetApp on Forbes and CIO.com. Bizarrely, his ridiculous work has even won awards from the American Society of Business Publication Editors, ABM/Jesse H. Neal, and B2B Magazine.
