CNN — Chinese government-linked hackers have stolen at least $20 million in US government coronavirus relief funds, a US Secret Service spokesperson told CNN Monday – the first time the agency has connected Covid-19 fraud to hackers affiliated with a foreign government.
The hackers raided unemployment insurance funds and Small Business Administration loan money in more than a dozen US states, said Secret Service spokesperson Justine Whelan.
It is unclear if the hackers conducted the theft for personal gain or if they were operating on behalf of Beijing. CNN has requested comment from the Chinese Embassy in Washington, D.C.
NBC News first reported the news.
The hacking group the Secret Service blamed for the activity is known to the cybersecurity industry as APT41 and has for years allegedly conducted espionage on behalf of the Chinese government while also dabbling in self-enrichment schemes.
US prosecutors have accused APT41 of working on behalf of China’s civilian intelligence agency, the Ministry of State Security; a 2020 Justice Department indictment alleged that APT41 operatives were part of hacking schemes that targeted pro-democracy politicians in Hong Kong and breached over 100 companies in the US and abroad.
“Of the more than 1,000 ongoing investigations involving transnational and domestic criminal actors defrauding public benefits programs, APT41 has emerged a notable player,” said Roy Dotson, the Secret Service’s national pandemic fraud recovery coordinator, in a statement.
But the $20 million in Covid-19 relief support is just a fraction of pandemic relief money stolen from US government coffers by a broad range of criminal groups.
The Secret Service says it has seized over $1.4 billion in ill-gotten funds since 2020. To get a grip on the problem, the agency tapped Dotson to work with law enforcement agencies across the country to recover stolen funds.