The U.S. Secret Service has said that hackers with ties to the Chinese communist regime have embezzled at least $20 million in U.S. government COVID relief funds.
The agency told NBC News that the stolen money was from unemployment insurance funds and Small Business Administration loans in more than a dozen states.
The hackers reportedly belong to APT41, a state-sponsored group based in China’s Chengdu city, also known as Winnti, Barium, or Wicked Panda. Experts and U.S. officials described it as the workhorse of cyberespionage for the Chinese regime.
It remains unclear whether APT41 swiped the funds on CCP orders, since the group also commits financial crimes as a sideline. But the Secret Service knows that the group has been a notable player in over 1,000 investigations into the defrauding of public benefits programs.
Roy Dotson, the national pandemic fraud recovery coordinator for the Secret Service, stated, “It would be crazy to think this group didn’t target all 50 states.”
The U.S. has prosecuted APT41 members for espionage. A top DOJ official described the theft of American tax dollars as “dangerous” and claimed that it had significant ramifications for national security.
John Hultquist from cybersecurity firm Mandiant called it an escalation, noting that he has never seen them target government money before. Ambassador-at-Large Nathaniel Fick from the State Department’s Bureau of Cyberspace and Digital Policy said the U.S. is the number one target of Chinese state-sponsored cyberthreats.
Fick said, “We are competitor number one.”
Unfortunately, the U.S. has few options to stop APT41.
Former Assistant U.S. Attorney Demian Ahn has gone after the group with futile results. He said they have ample reach and resources, including tens of thousands of machines at one time, which allow them to obtain information about others while simultaneously generating criminal profits.