Chinese government hackers apparently stole millions in Covid benefits

(Image credit: Shutterstock)

Chinese state-sponsored hacking groups have stolen at least $20 million from the US government, the Secret Service has claimed.

The hackers reportedly targeted Covid-19 relief funds - US taxpayer money that was meant to help private sector businesses and workers survive the disruptive pandemic. 

The group that’s being blamed for the taxpayer money siphoning is called APT41, or Wicked Panda, also named Barium by some.

A matter of national security

This appears to be the first time the US government has publicly acknowledged pandemic fraud tied to a foreign, state-sponsored actor - but chances are, it won’t be the last one, as there are currently more than 1,000 investigations of potential transnational and domestic fraud incidents. 

“It would be crazy to think this group didn’t target all 50 states,” Roy Dotson, national pandemic fraud recovery coordinator for the Secret Service, told NBC News.

It’s unknown if the Chinese government told APT41 to attack the US government, or if it was the group acting on its own accord, with the local government turning a blind eye. Whatever the case, senior Justice Department officials call it a “dangerous” event with serious national security implications.

The Chinese embassy in the States is keeping silent on the matter, although given its previous interaction on these matters, it’s safe to assume that it will deny any involvement in any cybercriminal activity. 

Since Covid unemployment funds were formed, back in 2020, cybercriminals were all over it. In fact, according to figures from the Labor Department Office of Inspector General, a fifth (20%) of the $872.5 billion fund was given out “improperly”, with the actual scope of the fraud much likely being even higher. 

NBC News reminds that an in-depth analysis of four states showed 42.4% of pandemic benefits being paid improperly, in the first six months of the year.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.