Justice Department Charges 12 Chinese Contract Hackers and Law Enforcement Officers in Global Computer Intrusion Campaigns

The Justice Department, FBI, Naval Criminal Investigative Service, and Departments of State and the Treasury announced today their coordinated efforts to disrupt and deter the malicious cyber activities of 12 Chinese nationals, including two officers of the People’s Republic of China’s (PRC) Ministry of Public Security (MPS), employees of an ostensibly private PRC company, Anxun Information Technology Co. Ltd. (安洵信息技术有限公司) also known as “i-Soon,” and members of Advanced Persistent Threat 27 (APT27).

These malicious cyber actors, acting as freelancers or as employees of i-Soon, conducted computer intrusions at the direction of the PRC’s MPS and Ministry of State Security (MSS) and on their own initiative. The MPS and MSS paid handsomely for stolen data. Victims include U.S.-based critics and dissidents of the PRC, a large religious organization in the United States, the foreign ministries of multiple governments in Asia, and U.S. federal and state government agencies, including the U.S. Department of the Treasury (Treasury) in late 2024.

“The Department of Justice will relentlessly pursue those who threaten our cybersecurity by stealing from our government and our people,” said Sue J. Bai, head of the Justice Department’s National Security Division. “Today, we are exposing the Chinese government agents directing and fostering indiscriminate and reckless attacks against computers and networks worldwide, as well as the enabling companies and individual hackers that they have unleashed. We will continue to fight to dismantle this ecosystem of cyber mercenaries and protect our national security.”

Read more: Department of Justice