Chinese man charged over US hack attacks

[Image: Los Angeles airport. Image source: Reuters. Caption: The arrest was made soon after Mr Yu touched down in Los Angeles.]

A Chinese man has been arrested in the US for allegedly selling malware used to hack into American companies.

US authorities claim in court papers that Yu Pingan bought and sold malicious software including the rarely used Sakula program.

That malware has been implicated in the 2014 hack attack on the US federal Office of Personnel Management (OPM).

Information on a huge number of US workers employed in sensitive or secret work was stolen in that data breach.

Software bugs

Mr Yu was arrested earlier this week soon after he disembarked from a flight that landed at Los Angeles International Airport. He has been charged with breaching computer networks owned by several US firms.

Legal papers filed to support the arrest do not explicitly mention the OPM as one of the targets of the suspected attacks. Instead, they claim Mr Yu was a key member of a gang that carried out hack attacks on US firms between 2011 and 2014.

The hackers are alleged to have used fake web domains and previously unseen software vulnerabilities to gain a foothold on the networks of companies being targeted, say the court documents.

The targeted firms have not been named but the papers say they were based in California, Massachusetts and Arizona.

The arrest is believed to be linked to the OPM breach because, unlike many other malicious programs, Sakula has only been used to carry out a small number of attacks. As well as being implicated in the OPM breach, it was also used in a 2015 attack on US health insurance giant Anthem.