Chinese Hackers Steal $20m US Covid Relief Benefits

Uploaded on 2022-12-12 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

The US Secret Service have disclosed Covid benefits worth millions of dollars have been stolen by the Chinese hacking group APT41, otherwise known a as Winnt, that has links to the Chinese government. The money was extracted from a fund designed to help small businesses, including unemployment insurance funds and SBA loans in more than twelve US states. 

The hackers successfully took advantage of the chaos caused by the pandemic and other parts of the US and further afield are likely to have been hit with similar attacks. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, the national pandemic fraud recovery coordinator for the Secret Service, told NBC.

A state-sponsored hacker group APT41 located in the southwestern Chinese city of Chengdu is believed to be behind the attack. They are a notorious criminal operation that has carried out a variety of government-supported hacks and commercially motivated data breaches is the prime suspect

The campaign began in mid-2020 and impacted 2,000 accounts associated with more than 40,000 financial transactions.

It’s unclear at this stage whether the group was specifically given orders to steal the funds or if government handlers simply looked the other way. According to reports, cyber criminals started siphoning off a sizeable portion as soon as state governments started distributing Covid unemployment funds in 2020. 

The federal pandemic unemployment funds totaling $872.5 billion have suffered a high degree of fraud and has an 'improper payment rate' of 20%, according to the Labor Department’s Office of Inspector General. 

US government officials from several agencies believe the true cost of the fraud is likely higher. Indeed, the Labor  department has told Congress that an extensive analysis of four states revealed 42.4% of pandemic benefits were paid incorrectly in the first six months.

The Secret Service said it has been able to recover around half of the stolen $20m, although this is a minor sum   compared to the amount lost through Covid-related fraud.

TEISS:     Pymnts:    NBC:    NYPost:     TechMonitor:       Daily Mail:   Infosecurity-Magazine

You Might Also Read:  

Britain's COVID - Driven Online Crime Wave:
 

 

« The Current Market For Cyber Security Founders & Investors
The Need For OT-centric Cyber Security Strategies »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

E-Tech

E-Tech

E-Tech has been providing system support and information technology consulting services including Internet and Network Security assessments.

Cloud Foundry Foundation (CFF)

Cloud Foundry Foundation (CFF)

Cloud Foundry supports the full application development lifecycle, from inception, through all testing stages, to deployment.

AON

AON

Aon is a leading global provider of risk management (including cyber), insurance and reinsurance brokerage, human resources solutions and outsourcing services.

ATSEC Information Security

ATSEC Information Security

ATSEC is an independent, privately-owned company that focuses on providing laboratory and consulting services for information security.

Apicrypt

Apicrypt

Apicrypt enables secure communications between health professionals by using strong encryption technologies.

Certus Software

Certus Software

Our Secure Data Erasure solutions protect customer data confidentiality by completely erasing it from data storage devices.

Computest

Computest

Computest security testing services include Mobile app security, Vulnerability assessments, Attack & penetration testing, Security awareness training, Network security assessments.

BetaDen

BetaDen

BetaDen provides a revolutionary platform for businesses to develop next-generation technology, such as the internet of things and industry 4.0.

Axxum Technologies

Axxum Technologies

Axxum Technologies is a premier provider of Network Communications and Information Technology Security Solutions.

Secured Communications

Secured Communications

Secured Communications has developed the only unified secure communications platform trusted by public safety and counter terrorism professionals around the world.

Intechtel

Intechtel

Intechtel is a cyber security company, in addition to providing other internet, technology and telephone services.

Nagios

Nagios

Nagios is a powerful tool that provides you with instant awareness of your organization’s mission-critical IT infrastructure.

MedSec

MedSec

MedSec is the only company of its type focused solely on cybersecurity for hospitals and medical device manufacturers, offering both a cybersecurity software solution and consulting services.

The Cyber Guild

The Cyber Guild

The Cyber Guild is a not-for-profit organization working to improve the understanding and practice of cybersecurity, and to help raise awareness and education for all.

Kaesim Cybersecurity

Kaesim Cybersecurity

Kaesim are a global team of cybersecurity experts protecting businesses since 2015. We stop bad people damaging your business, your data and your reputation.

Benchmark IT Services (BITS)

Benchmark IT Services (BITS)

BITS is a leading cyber security company in Australia. Our certified professionals work with you to keep your data assets safe and secure.