According to the indictment, Guan and his co-conspirators targeted a vulnerability in firewalls developed by UK-based cybersecurity firm Sophos Limited. In April 2020, they reportedly launched an attack on approximately 81,000 firewall devices worldwide, including over 23,000 in the United States.
Washington, D.C. — The United States has announced a $10 million reward for information leading to the arrest of Guan Tianfeng, a Chinese national accused of hacking computer firewalls.
Guan, 30, is believed to reside in Sichuan Province, China, according to the U.S. State Department.
An indictment unsealed on Tuesday charges Guan with conspiracy to commit computer fraud and wire fraud. He and his associates are accused of exploiting vulnerabilities in network security devices, infecting them with malware, and stealing sensitive data.
The U.S. Treasury Department has also imposed sanctions on Sichuan Silence Information Technology Co. Limited, the company where Guan worked. The indictment alleges that the company provided hacking services and sold stolen data to Chinese businesses and government agencies, including the Ministry of Public Security.
According to the indictment, Guan and his co-conspirators targeted a vulnerability in firewalls developed by UK-based cybersecurity firm Sophos Limited. In April 2020, they reportedly launched an attack on approximately 81,000 firewall devices worldwide, including over 23,000 in the United States. Among these, 36 firewalls were linked to critical infrastructure systems.
Deputy Attorney-General Lisa Monaco described the operation as a “malware campaign designed to steal information from victims globally.” She highlighted that the attack sought to obtain usernames, passwords, and other sensitive data while attempting to install ransomware on targeted systems.
Herbert Stapleton, an FBI cybersecurity official, praised Sophos for rapidly addressing the vulnerability, stating, “If Sophos had not swiftly identified the flaw and deployed a comprehensive response, the damage could have been far worse.”
The Treasury Department emphasized the significance of the attack, noting that the exploited firewalls belonged to businesses across the United States.
When contacted by AFP, a representative of Sichuan Silence declined to comment on the sanctions or Guan’s whereabouts, stating that the company “did not accept interviews.” The individual, who did not identify himself, also claimed that Guan was “uncontactable.”
Join our Channel...