Chinese Hackers Steal $20m US Covid Relief Benefits

Uploaded on 2022-12-12 in TECHNOLOGY--Hackers, INTELLIGENCE-Hot Spots-China, FREE TO VIEW

The US Secret Service have disclosed Covid benefits worth millions of dollars have been stolen by the Chinese hacking group APT41, otherwise known a as Winnt, that has links to the Chinese government. The money was extracted from a fund designed to help small businesses, including unemployment insurance funds and SBA loans in more than twelve US states. 

The hackers successfully took advantage of the chaos caused by the pandemic and other parts of the US and further afield are likely to have been hit with similar attacks. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, the national pandemic fraud recovery coordinator for the Secret Service, told NBC.

A state-sponsored hacker group APT41 located in the southwestern Chinese city of Chengdu is believed to be behind the attack. They are a notorious criminal operation that has carried out a variety of government-supported hacks and commercially motivated data breaches is the prime suspect

The campaign began in mid-2020 and impacted 2,000 accounts associated with more than 40,000 financial transactions.

It’s unclear at this stage whether the group was specifically given orders to steal the funds or if government handlers simply looked the other way. According to reports, cyber criminals started siphoning off a sizeable portion as soon as state governments started distributing Covid unemployment funds in 2020. 

The federal pandemic unemployment funds totaling $872.5 billion have suffered a high degree of fraud and has an 'improper payment rate' of 20%, according to the Labor Department’s Office of Inspector General. 

US government officials from several agencies believe the true cost of the fraud is likely higher. Indeed, the Labor  department has told Congress that an extensive analysis of four states revealed 42.4% of pandemic benefits were paid incorrectly in the first six months.

The Secret Service said it has been able to recover around half of the stolen $20m, although this is a minor sum   compared to the amount lost through Covid-related fraud.

TEISS:     Pymnts:    NBC:    NYPost:     TechMonitor:       Daily Mail:   Infosecurity-Magazine

You Might Also Read:  

Britain's COVID - Driven Online Crime Wave:
 

 

« The Current Market For Cyber Security Founders & Investors
The Need For OT-centric Cyber Security Strategies »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Vera Security

Vera Security

Vera is a data security platform that provides 360-degree visibility and control over critical business data, anywhere it's shared or stored.

Semperis

Semperis

Semperis is an enterprise identity protection company that enables organizations to quickly recover from accidental or malicious changes and disasters that compromise Active Directory.

Smokescreen

Smokescreen

Smokescreen's IllusionBLACK employs deception technology to detect, deflect and defeat advanced hacker attacks.

Osirium

Osirium

The Osirium PxM Privileged Access Management platform addresses both security and compliance requirements by defining who gets access to what and when.

DataTribe

DataTribe

DataTribe is a cyber startup foundry, leveraging deep experience and expertise to build and launch successful product companies.

Bloc Ventures

Bloc Ventures

Bloc Ventures is an investment company providing long-term, ‘patient’ equity capital to early stage unquoted deep technology companies.

KryptoKloud

KryptoKloud

KryptoKloud offer a suite of Managed Services including Security Monitoring and Incident Response as well as a full portfolio of Compliance, Governance and Audit solutions.

Nineteen Group

Nineteen Group

Nineteen Group delivers major-scale exhibitions within the security, fire, emergency services, health and safety, facilities management and maintenance engineering sectors.

Tide Foundation

Tide Foundation

Tide's breakthrough multi-party-cryptography enables TRUE-zero-trust technology that unlocks cyber-herd immunity.

WhizHack Technologies

WhizHack Technologies

WhizHack's mission is to not only create a pipeline of cyber security products but also to empower people to sustainable innovation in securing digital assets of tomorrow.

Zeva

Zeva

Zeva solves complex identity and encryption challenges for the federal government and corporations around the globe.

NetTech

NetTech

NetTech’s Managed CyberSecurity and Compliance/HIPAA services are designed to help your company prevent security breaches and quickly remediate events if they do happen to occur.

Vectra AI

Vectra AI

Vectra threat detection & response - see and stop threats across hybrid and multi-cloud enterprises.

RMC

RMC

RMC was purpose-built for Mission Assurance and ICS/OT cybersecurity, dedicated to strengthening and protecting government and commercial assets.

Phylum

Phylum

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation.

ThreatCaptain

ThreatCaptain

ThreatCaptain is a Cybersecurity Leadership Development Company driven to enhance and illuminate cybersecurity risk through strategic alignment and informed business decision-making.