A 36 - yr - old Chinese national was arrested in Los Angeles this week in connection with a reckoner hacking conspiracy need malware linked to the 2014 US Office of Personnel Management ( OPM ) data breach .
Yu Pingan of Shanghai , China , was collar on Wednesday while traveling at Los Angeles International Airport . Also identified by the hacker pseudonym “ GoldSun , ” Yu has been charged under the Computer Fraud and Abuse Act and is further accuse of confederacy to commit offence or defraud the United States .
concord to anAugust 21 bill of indictment , lodge in the US District Court for the Southern District of California , Yu collaborated with others , including two unknown individuals who have not been charged , to acquire and use malware to alleviate cyberattacks against at least four unnamed US companies . The FBI has identified Yu ’s conscientious objector - machinator as survive in the People ’s Republic of China . At this stage , the names of the companies ( i.e. , victims ) are being oppress , which is not unordinary .
The indictment is accompanied by an affidavit signed by an FBI agent assigned to a cybercrime squad at the bureau ’s San Diego Field Office . A interpreter for the bureau could not be immediately reached for a comment .
The FBI has accused Yu of discourse the installation of a removed access trojan , or RAT , at an unidentified company as early on as in June 2011 . A year later , one his machinator allegedly establish malicious file on the net of a San Diego - based company . The same company was allegedly attacked again on or before December 3 , 2013 .
In January 2013 , Yu ’s co - conspirators allegedly used a variant of the malware Sakula in an onset on a second company base in Massachusetts . Multiple security business firm have tied Sakulato the OPM attack — a monolithic data rift that involve the records of million of US citizens who had undergone government security clearance check . According to Washington Post sources , China ’s involvement was suspected by US authorities , though the Obama government activity never official ascribed incrimination .
Chinese authorities have repeatedly abnegate any affaire in the OPM attack . “ The Chinese governing takes unhesitating strong cadence against any variety of hack approach , ” China ’s Foreign Ministrytold Reutersin 2015 . “ We oppose baseless insinuations against China . ”
Sakula was also used in the 2015 Anthem information breach , which involved the likely thievery of roughly 80 million someone ’ personal medical records . autonomous investigators concluded with intermediate confidence earlier this year that the Anthem attack was in all likelihood carried out on behalf ofa alien government .
Neither Anthem nor OPM is cited in connection with Yu ’s arrest and Anthem does not appear to be based in any of the cities mention in the bill of indictment . Yu was allegedly linked to use of the then - rare Sakula malware through emails prevail by the FBI .
Yu ’s Colorado - conspirators are said to have go against a third ship’s company based in Los Angeles , however , in December 2012 . The attackers allegedly pack advantage of a then - strange vulnerability — or “ zero day”—in Microsoft ’s Internet Explorer , which allowed for remote code execution and injection of Sakula .
Sakula is also a known tool of China - based advanced persistent threat nicknamedDeep Panda , or APT 19 , which has been linked by certificate researchers to both the OPM and Anthem attacks .
The two nameless and unindicted co - conspirators also allegedly attacked a fourth caller base in Arizona . The FBI agent ’s affidavit states that Yu provided one of the cobalt - conspirators the malicious computer software as early as April 2011 . The communication allegedly show that Yu also informed the second co - conspirator of an exploit for Adobe ’s Flash software .
What ’s more , FBI - sequester communications show that in November 2011 , Yu indicated that he had “ compromised the legitimate Korean Microsoft domain used to download software updates for Microsoft Cartesian product , ” and further stated , allegedly , that the cut up site could be used to launch phishing attacks .
According to CNN , Yu was apprehend after entering the US on Wednesday to attend a group discussion .
This tale is formulate and will be updated as more information becomes available .
CybersecuritySecurity
Daily Newsletter
Get the good tech , science , and civilization newsworthiness in your inbox day by day .
newsworthiness from the future tense , deliver to your present .
You May Also Like
