Listen To Story Above
The U.S. government announced a substantial $10 million reward for information leading to the capture of a Chinese national and his associates involved in a major cybersecurity breach.
The target, 30-year-old Guan Tianfeng, currently believed to be residing in Sichuan province, faces charges of computer and wire fraud conspiracy, revealed in a newly unsealed indictment.
Most Wanted Chinese Hacker Guan Tianfeng Charged for Conspiring to Develop, Deploy Malware Exploiting Tens of Thousands of Firewalls Worldwide https://t.co/FHGuDRCAZj pic.twitter.com/riNWjq6Hrd
— TheCrimesScene (@thecrimesscene) December 10, 2024
Concurrent with this announcement, U.S. authorities imposed sanctions on Guan’s employer, Sichuan Silence Information Technology Co Ltd.
China responded defensively, with foreign ministry spokesperson Mao Ning condemning the U.S. actions during a Wednesday media briefing. “We firmly oppose the excessive application of illegal unilateral sanctions… against Chinese entities and individuals,” Mao stated, promising protective measures for Chinese interests.
The cybercrime operation allegedly exploited vulnerabilities in Sophos Ltd firewalls, with Deputy Attorney General Lisa Monaco noting: “The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world.”
The April 2020 attack targeted 81,000 firewall devices globally, with over 23,000 in the U.S., including 36 protecting critical infrastructure. The hackers sought to harvest credentials and deploy ransomware.
The U.S. State Department has announced a reward of up to $10 million for information leading to the identification or location of Guan Tianfeng or individuals conducting malicious cyber activities targeting U.S. critical infrastructure under foreign government direction.… pic.twitter.com/vGDYuDz4ff
— Brian Sioux (@artisanbusiness) December 10, 2024
FBI agent Herbert Stapleton emphasized the attack’s scope, while acknowledging Sophos’s swift response prevented more severe consequences.
Investigators revealed that Sichuan Silence allegedly profited by selling stolen data to Chinese businesses and government entities, including the Ministry of Public Security.
When contacted, a Sichuan Silence representative declined to comment on the sanctions and indicated Guan was unreachable.