|
Chinese national arrested in Los Angeles
on U.S. hacking charge
Send a link to a friend
 [August 25, 2017]
By Joseph Menn
SAN FRANCISCO (Reuters) - U.S. authorities
on Thursday accused a Chinese national visiting the United States of
providing malware that has been linked to the theft of security
clearance records of millions of American government employees.
Yu Pingan of Shanghai was arrested on Monday at Los Angeles airport
after a federal criminal complaint accused him of conspiring with others
wielding malicious software known as Sakula, a Justice Department
spokesman said on Thursday.
The complaint said the group attacked a series of unnamed U.S. companies
using Sakula, the same rare program involved in U.S. Office of Personnel
Management (OPM) hacks detected in 2014 and 2015. The filing did not
mention the OPM hacks.
The arrest could provide information on the OPM hacks which U.S.
officials have blamed on the Chinese government.
In an FBI affidavit linked to the complaint, an FBI agent said he
believed Yu provided versions of Sakula to two unnamed men that he knew
would be used to carry out attacks on the firms.
Yu's court-appointed attorney, Michael Berg, said Yu was a teacher with
no affiliation with China's government.
"He says he has no involvement in this whatsoever," Berg said, adding
that Yu came to Los Angeles for a conference.
The Justice Department and San Diego FBI declined to comment further.
Chinese Foreign Ministry spokeswoman Hua Chunying told a regular press
briefing on Friday that she was not aware of the situation, but that
China actively seeks to guarantee overseas Chinese individuals' legal
rights. China opposes of all forms criminal internet activity, she
added.
[to top of second column] |
The court filings said Sakula had rarely been seen before the
attacks on U.S. companies and Yu knew the software he was providing
would be used in the hacks carried out between 2010 and 2015.
Though the victims are not named, some companies appeared to be in
the aerospace and energy industries.
Adam Meyers, vice president at U.S. security firm CrowdStrike, said
software flaws and one of the internet protocol addresses cited in
the complaint matched up with attacks on a U.S. turbine
manufacturer, Capstone Turbine, and a French aircraft supplier.
Meyers said Sakula could be used by multiple groups, but that all of
the known targets would be of interest to the Chinese government.
The OPM breach was a subject of U.S.-China talks, and the Chinese
government previously told American diplomats it had arrested some
criminals in the case.
Yu remains in jail pending a court hearing on his detention next
week.
(Reporting by Joseph Menn; Additional reporting by Michael Martina
in Beijing; Editing by Andrew Hay)
[© 2017 Thomson Reuters. All rights
reserved.]
Copyright 2017 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
