They stole identities and video game technology, planted ransomware, and spied on Hong Kong activists, US officials say. Two Malaysians have been arrested but the five Chinese remain on the run.
The US Justice Department on Wednesday charged five Chinese nationals and two Malaysians who ran global hacking operations over at least six years.
The hackers targeted more than 100 companies and individuals in countries in the US and worldwide including software development, video game and social media companies, officials said. They also allegedly spied on pro-democracy politicians and activists in Hong Kong and accessed government computer systems in India and Vietnam.
The seven were long recognized by cybersecurity experts as the "APT41" hacking organization, identified by their shared tools and techniques.
Three of the Chinese suspects operated out of Chengdu 404, a Sichuan-based company that purported to offer network security services for other businesses.
While the charges did not indicate any direct political motivations behind the hackers' activities, one defendant, Jiang Lizhi — a member of Chengdu 404 — allegedly boasted connections to the Chinese Ministry of State Security, reported the Department of Justice.
"A hacker for profit is not going to hack a pro-democracy group," said acting US Attorney Michael Sherwin of the District of Columbia, where the cases were filed.
The five Chinese defendants remain fugitives, but prosecutors say two Malaysians were arrested in Malaysia this week and face extradition proceedings to the US.