U.S. Secret Service officials confirmed an exclusive report Monday alleging prolific cybercriminal hackers tied to the Chinese Communist Party have stolen nearly $20 million worth of COVID pandemic relief benefits.
Secret Service officials did not comment further upon corroborating the NBC News report. However, U.S. law enforcement officials and cybersecurity experts, who spoke on the condition of anonymity, said the pandemic fraud instance is the first publicly acknowledged example of theft linked to foreign and state-sponsored cybercriminals.
Officials said the hacker group in question is APT41, which they described as a “Chinese state-sponsored, cyber threat group that is highly adept at conducting espionage missions and financial crimes for personal gain” that operates out of the southwestern Chinese city of Chengdu.
APT41 — also known as Winnti, Barium, and Wicked Panda — allegedly began stealing COVID relief money in mid-2020 from approximately 2,000 accounts associated with more than 40,000 financial transactions, including Small Business Administration loans and unemployment insurance funds in more than at least a dozen states.