Acting U.S. Attorney Soo C. Song announced Monday three residents of China and former employees of Guangzhou Bo Yu Information Technology Company Limited were indicted for theft and trade secrets, computer hacking and conspiracy and identity theft.
Wu Yingzhou, aka “Christ Wu,” Dong Hao, aka “Dong Shi Ye” and Xia Lei, aka “Sui Feng Yan Mie” conspired to hack into the computers of three private corporate entities to “steal sensitive internal documents” from December 2015 through March 2016, according to court documents.
Xia, Dong and Wu allegedly coordinated computer intrusions against entities operating outside China, including the United States. The defendants would send “spearphishing” emails to the victim corporations’ employees. These emails contained links to malware and malicious attachments. Once the employee clicked on the link, the defendants were able to access the recipient’s computer.
Once access was obtained, the co-conspirators would then install malware, such as “exeproxy” and “ups” on the victim computer. To prevent detection, the defendants would create online accounts using aliases, as well as utilize valid credentials stolen from the victim systems and intermediary computer servers, “hop points.”
The primary goal was to steal data from the victims’ computers. The hundreds of gigabytes of data stolen included confidential information, employee information and work product.
The defendants were charged with conspiring to commit computer fraud and abuse, conspiring to commit trade secret theft, wire fraud and aggravated identify theft.
To read the full report, visit justice.gov.