InsighthubNews
  • Home
  • World News
  • Politics
  • Celebrity
  • Environment
  • Business
  • Technology
  • Crypto
  • Sports
  • Gaming
Reading: Chinese engineer indicted in US for years of cyberespionage targeting NASA and military
Share
Font ResizerAa
InsighthubNewsInsighthubNews
Search
  • Home
  • World News
  • Politics
  • Celebrity
  • Environment
  • Business
  • Technology
  • Crypto
  • Sports
  • Gaming
© 2024 All Rights Reserved | Powered by Insighthub News
InsighthubNews > Technology > Chinese engineer indicted in US for years of cyberespionage targeting NASA and military
Technology

Chinese engineer indicted in US for years of cyberespionage targeting NASA and military

September 19, 2024 5 Min Read
Share
Chinese engineer indicted in US for years of cyberespionage targeting NASA and military
SHARE

A Chinese national has been indicted in the United States on charges of conducting a “multi-year” spear-phishing attack to gain unauthorized access to computer software and source code created by the National Aeronautics and Space Administration (NASA), research universities and private companies.

Song Woo, 39, was charged with 14 counts of wire fraud and 14 counts of aggravated identity theft. If convicted, he faces up to 20 years in prison for each wire fraud count and two consecutive years for each aggravated identity theft count.

He worked as an engineer for Aviation Industry Corporation of China (AVIC), a Chinese state-owned aerospace and defense conglomerate founded in 2008 and headquartered in Beijing.

According to information posted on AVIC’s website, the company has “more than 100 subsidiaries, approximately 24 publicly listed companies, and more than 400,000 employees.” In November 2020 and June 2021, the company and some of its subsidiaries were targeted by U.S. sanctions, prohibiting Americans from investing in the company.

Song is said to have created email accounts posing as US-based researchers and engineers and used them to carry out spear-phishing attacks to obtain specialized restricted or proprietary software for aerospace engineering and computational fluid dynamics.

The software can also be used for industrial and military applications, such as the development of advanced tactical missiles and the aerodynamic design and evaluation of weapons.

The Department of Justice (DoJ) alleges that the emails were sent to employees at NASA, the Air Force, Navy, Army and the Federal Aviation Administration, as well as major research universities in Georgia, Michigan, Massachusetts, Pennsylvania, Indiana and Ohio.

See also  GitLab fixes critical SAML authentication bypass vulnerability in CE and EE editions

The social engineering attempts, which began around January 2017 and continued until December 2021, also targeted private companies operating in the aerospace sector.

The fraudulent messages purported to be sent by colleagues, associates, friends, or others in the research or engineering community and asked potential targets to send or provide source code or software to which they had access. The Department of Justice did not disclose the names of the software or the current whereabouts of the defendants.

“The FBI and our partners have once again proven that cybercriminals around the world who seek to steal our companies’ most sensitive and valuable information can be found and held accountable,” said Special Agent in Charge Kelly Farley of the FBI in Atlanta.

“As this indictment demonstrates, the FBI is committed to arresting and prosecuting those who engage in illegal and deceptive conduct to steal protected information.”

At the same time as the indictments, the Department of Justice also unsealed a separate indictment against Jia Wei, a Chinese national and member of the People’s Liberation Army (PLA), who is accused of hacking into an unnamed U.S.-based telecommunications company in March 2017 and stealing proprietary information related to civilian and military communications equipment, product development, and testing programs.

“During the unauthorized access, Wei and his co-conspirators attempted to install malicious software designed to enable persistent unauthorized access to the networks of U.S. companies,” the Justice Department said. “Wei’s unauthorized access continued until approximately late May 2017.”

The development comes just weeks after the UK National Crime Agency (NCA) announced that three men – Karam Pikkali, 22, Vijayasiddhushan Vijayanathan, 21, and Aza Siddiq, 19 – had pleaded guilty to operating a website that allowed cybercriminals to circumvent banks’ anti-fraud checks and take over bank accounts.

See also  Cybercriminals exploit HTTP headers to steal credentials through mass phishing attacks

The service, called OTP.agency, allowed monthly subscribers to socially engineer bank account holders into revealing real one-time passcodes and divulging personal information.

The underground service is said to have targeted more than 12,500 members of the public between September 2019 and March 2021. Three people were arrested and the service was shut down in March 2021. It is currently unclear how much illegal revenue it generated during this period of activity.

“The basic package, which cost £30 per week, allowed criminals to bypass multi-factor authentication on platforms such as HSBC, Monzo and Lloyds, allowing them to complete fraudulent online transactions,” the NCA said. “The elite plan, which cost £380 per week, allowed access to Visa and Mastercard authentication sites.”

Share This Article
Twitter Copy Link
Previous Article Upcoming nuclear RTS game "ICBM Escalation" asks for facial donations Upcoming nuclear RTS game “ICBM Escalation” asks for facial donations
Next Article Pharrell Williams criticizes celebrities who support politicians: 'No one is listening' Pharrell Williams criticizes celebrities who support politicians: ‘No one is listening’
Leave a comment Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest News

The Solution is Cyber ​​Hygiene

The Solution is Cyber ​​Hygiene

Cybersecurity in healthcare has never been more urgent. As the…

September 19, 2024
mm

Enterprise LLM API: A top choice for powering LLM applications in 2024

Some big recent news stories have escalated the race for…

September 19, 2024
Authentication Bypass

GitLab fixes critical SAML authentication bypass vulnerability in CE and EE editions

GitLab has released a patch to address a critical flaw…

September 19, 2024
Chinese engineer indicted in US for years of cyberespionage targeting NASA and military

Chinese engineer indicted in US for years of cyberespionage targeting NASA and military

A Chinese national has been indicted in the United States…

September 19, 2024
IoT Botnet

New “Raptor Train” IoT Botnet Compromises Over 200,000 Devices Worldwide

Cybersecurity researchers have discovered a never-before-seen botnet made up of…

September 18, 2024

You Might Also Like

Post-Quantum Cryptography Defense
Technology

Google Chrome switches to ML-KEM for quantum cryptography defense

5 Min Read
MISTPEN Malware
Technology

North Korean Hackers Target Energy and Aerospace Industries with New MISTPEN Malware

4 Min Read
Android Malware
Technology

New Android malware ‘Ajina.Banker’ steals financial data via Telegram, bypasses 2FA

4 Min Read
HTTP Headers for Credential Theft
Technology

Cybercriminals exploit HTTP headers to steal credentials through mass phishing attacks

7 Min Read
InsighthubNews
InsighthubNews

Welcome to InsighthubNews, your reliable source for the latest updates and in-depth insights from around the globe. We are dedicated to bringing you up-to-the-minute news and analysis on the most pressing issues and developments shaping the world today.

  • Home
  • Celebrity
  • Environment
  • Business
  • Crypto
  • Home
  • World News
  • Politics
  • Celebrity
  • Environment
  • Business
  • Technology
  • Crypto
  • Sports
  • Gaming
  • World News
  • Politics
  • Technology
  • Sports
  • Gaming
  • About us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms of Service
  • About us
  • Contact Us
  • Disclaimer
  • Privacy Policy
  • Terms of Service

© 2024 All Rights Reserved | Powered by Insighthub News

Welcome Back!

Sign in to your account

Lost your password?