Chinese Hackers Steal $20m US Covid Relief Benefits

The US Secret Service have disclosed Covid benefits worth millions of dollars have been stolen by the Chinese hacking group APT41, otherwise known a as Winnt, that has links to the Chinese government. The money was extracted from a fund designed to help small businesses, including unemployment insurance funds and SBA loans in more than twelve US states. 

The hackers successfully took advantage of the chaos caused by the pandemic and other parts of the US and further afield are likely to have been hit with similar attacks. “It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, the national pandemic fraud recovery coordinator for the Secret Service, told NBC.

A state-sponsored hacker group APT41 located in the southwestern Chinese city of Chengdu is believed to be behind the attack. They are a notorious criminal operation that has carried out a variety of government-supported hacks and commercially motivated data breaches is the prime suspect

The campaign began in mid-2020 and impacted 2,000 accounts associated with more than 40,000 financial transactions.

It’s unclear at this stage whether the group was specifically given orders to steal the funds or if government handlers simply looked the other way. According to reports, cyber criminals started siphoning off a sizeable portion as soon as state governments started distributing Covid unemployment funds in 2020. 

The federal pandemic unemployment funds totaling $872.5 billion have suffered a high degree of fraud and has an 'improper payment rate' of 20%, according to the Labor Department’s Office of Inspector General. 

US government officials from several agencies believe the true cost of the fraud is likely higher. Indeed, the Labor  department has told Congress that an extensive analysis of four states revealed 42.4% of pandemic benefits were paid incorrectly in the first six months.

The Secret Service said it has been able to recover around half of the stolen $20m, although this is a minor sum   compared to the amount lost through Covid-related fraud.

TEISS:     Pymnts:    NBC:    NYPost:     TechMonitor:       Daily Mail:   Infosecurity-Magazine

You Might Also Read:  

Britain's COVID - Driven Online Crime Wave:
 

 

« The Current Market For Cyber Security Founders & Investors
The Need For OT-centric Cyber Security Strategies »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CloudEndure

CloudEndure

CloudEndure offers Disaster Recovery and Continuous Replication for the Cloud.

Kirkland & Ellis

Kirkland & Ellis

Kirkland & Ellis LLP is an international law firm with offices in the USA, Europe and Asia. Practice areas include Data Security & Privacy.

Security Research Labs (SRLabs)

Security Research Labs (SRLabs)

Security Research Labs is a Berlin-based hacking research collective and consulting think tank.

Experian

Experian

Experian provide software solutions to help organizations prevent identity fraud and crime.

Atos

Atos

Atos provides a unique Cyber Security end to end solution with a data-centric and pre-emptive security approach.

IT2Trust

IT2Trust

IT2Trust is one of Scandinavia’s leading value-added distributors of business-critical IT solutions within IT security and networking.

Garrison

Garrison

Garrison SAVI® is a unique technology for secure remote browsing that can dramatically change the risk profile for enterprise cyber security.

Digital Innovation Hub Slovenia (DIH)

Digital Innovation Hub Slovenia (DIH)

DIH Slovenia is a central hub providing services to grow digital competencies in areas including robotics, IoT, cyberphysical systems and cybersecurity.

Hub One

Hub One

Hub one is a leading player in digital transformation with expertise in broadband connectivity, business solutions for traceability and mobility, IOT in industrial environments and cybersecurity.

KETS Quantum Security

KETS Quantum Security

KETS harnesses the properties of quantum mechanics to solve challenging problems in randomness generation and secure key distribution and enable ultra secure communications.

IT Acceleration

IT Acceleration

IT Acceleration is a full-service IT management and support, IT compliance and Digital Forensics company.

StateRAMP

StateRAMP

StateRAMP reduces risk from unsecure cloud solutions and protects data by providing State and local governments a standardized approach for verifying and monitoring security postures.

CodeHunter

CodeHunter

CodeHunter is a malware hunting SaaS platform designed to detect all variations of malware, known and unknown, without the need for source code or signatures.

International Cyber Threat Task Force (ICTTF)

International Cyber Threat Task Force (ICTTF)

The International Cyber Threat Task Force is a not-for-profit initiative promoting the ecosystem of an International independent non-partisan cyber security community.

CyberHub

CyberHub

CyberHub is an educational platform that offers professional courses and knowledge sharing through articles and videos to help students discover their potential in cybersecurity.

Prompt Security

Prompt Security

Prompt Security provides an LLM agnostic approach to ensure security, data privacy and safety across all aspects of Generative AI.