The United States Department of Justice (DoJ) charged a Chinese national named Song Wu, 39, with sending spear-phishing emails to government employees to trick them into giving up restricted software. These emails were sent to NASA, the Air Force, the Navy, the Army, and the FAA employees. The FBI and NASA’s Office of Inspector General are investigating the case.
Wu had created email accounts impersonating US-based researchers and engineers. In addition to targeting the aforementioned government agencies, he also sent phishing emails to individuals working at major US universities and to employees working in private companies in the aerospace sector.
The emails asked for access to source code or software these individuals were believed to have access to as part of their jobs.
While the indictment doesn’t clarify whether Song Wu is part of a state-sponsored hacking group operating on China’s behalf, he was an employee of the Aviation Industry Corporation of China (AVIC) while carrying out the campaign. AVIC is a state-owned aerospace and defence company in Beijing that makes civilian and military aircraft.
The campaign lasted between 2017 and 2021 and was aided by other unknown individuals. While Song Wu remains at large, he has been charged with 14 counts of wire fraud and 14 counts of aggravated identity theft. Each count of wire fraud can land him up to 20 years in prison. Song also faces a mandatory, two-year consecutive penalty in prison for aggravated identity theft.
Song Wu wasn’t the only individual keeping the DoJ busy this week. The authority also unsealed a 2021 indictment alleging Jia Wei, another Chinese national, hacked into a US communication company’s network to steal proprietary information. Wei is believed to have operated on behalf of China’s People’s Liberation Army.
In the News: Instagram announces teen accounts for better minor privacy
