The U.S. government has announced new legal actions targeting alleged Chinese hackers, including multiple indictments and sanctions, in connection with a years-long espionage campaign. Federal authorities have charged 10 individuals in total, including eight employees from a Chinese tech company, i-Soon (also known as Anxun Information Technology), and two members of the Chinese Ministry of Public Security.
The indictment, made public on Wednesday, describes i-Soon as a key component in China’s “hacker-for-hire” ecosystem, claiming the company played a significant role in targeting global and U.S. entities. Among the alleged victims were the U.S. Defense Intelligence Agency, the Department of Commerce, Taiwan’s and South Korea’s foreign ministries, and several organizations critical of China, including news agencies. Additionally, the hackers infiltrated various religious groups, including a major U.S.-based religious organization.
The indictment outlines that i-Soon charged Chinese intelligence agencies between $10,000 and $75,000 for each email inbox they successfully breached, with added fees for data analysis. The charges against the individuals range from stealing sensitive personal and government data to orchestrating cyber-attacks on foreign governments.
In response, the Chinese embassy in Washington condemned the U.S. sanctions, emphasizing China’s opposition to what it called “long-arm jurisdiction” and vowed to take action to protect the rights of its citizens and companies.
Alongside the indictments, the U.S. Treasury Department announced sanctions against Shanghai-based Heiying Information Technology and its founder, Zhou Shuai, for allegedly selling stolen data and access to compromised U.S. infrastructure networks. Some of the stolen data was reportedly sold to a previously sanctioned Chinese hacker, Yin Kecheng, who was also indicted. Yin is linked to a prior breach of U.S. Treasury data.
