3 January 2025

The US Government Charges China-Based Hacker For Exploiting Zero-Day Vulnerability

Katten Muchin Rosenman LLP

Contributor

Katten is a firm of first choice for clients seeking sophisticated, high-value legal services globally. Our nationally and internationally recognized practices include corporate, financial markets and funds, insolvency and restructuring, intellectual property, litigation, real estate, structured finance and securitization, transactional tax planning, private credit and private wealth.

On December 10, 2024, the federal government unsealed an indictment in federal court in Indiana, charging Chinese national Guan Tianfeng (Guan) for his role in allegedly breaking into thousands of Sophos Ltd. (Sophos) firewall devices globally in 2020. In total, Guan and his co-conspirators infected approximately 81,000 firewall devices worldwide, including a firewall device used by an agency of the United States (US).

According to the indictment, Guan worked at Sichuan Silence Information Technology Company, Limited (Company). According to the Company's website, it developed a product line that could be used to scan and detect overseas network targets to obtain valuable intelligence information. The Federal Bureau of Investigation is investigating the Company's hacking activities and intrusions into various edge devices.

Guan has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. On the same day as the indictment, the US Department of State also announced rewards of up to $10 million for information leading to the identification or location of Guan or any person who, while acting at the direction or under the control of a foreign government, engages in certain malicious cyber activities against US critical infrastructure in violation of the Computer Fraud and Abuse Act. The US Department of the Treasury's Office of Foreign Assets Control also announced sanctions on Sichuan Silence and Guan today.

"Today's indictment underscores our commitment to protecting the public from malicious actors who use security research as a cover to identify vulnerabilities in widely used systems and exploit them," said U.S. Attorney Clifford D. Johnson for the Northern District of Indiana. "Guan Tianfeng and his co-conspirators placed thousands of computer networks, including a network in the Northern District of Indiana, at risk by conducting this attack."

www.justice.gov/...

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
