FBI charges Chinese national with distributing malware used in OPM hack
The FBI has filed charges against a Chinese malware broker named Yu Pingan, alleging that he provided hackers with malware, including the Sakula trojan, to breach multiple computer networks belonging to companies in the US.
Security
Yu was arrested on August 21 at Los Angeles International Airport, the Justice Department confirmed to ZDNet. The FBI's criminal complaint alleges that Yu, also known as "GoldSun," conspired with two unnamed hackers from around April 2011 through around January 2014 to maliciously target a group of US companies' computer networks.
The complaint filed does not name which companies were targeted but notes that the different companies were headquartered in San Diego, California; Massachusetts; Los Angeles, California; and Arizona.
The rarely-used Sakula malware, which was cited in the complaint, has been linked to both the 2014 breach of the US Office of Personnel Management as well as the 2015 breach of the health insurance firm Anthem. The FBI's criminal complaint against Yu does not refer to OPM.
The Anthem breach impacted 78.8 million current and former customers of the company, while the OPM hack affected more than 22 million records of Americans who had applied for security clearance to work for the government.
PREVIOUS AND RELATED COVERAGE
FBI can keep secret who's in its biometrics 'mega database,' says Justice Dept.
Trump administration demands data on over a million visitors to anti-Trump site
The EFF, representing Dreamhost in the case, called the Justice Dept's order 'unconstitutional'.