The United States offered a $10 million reward on Tuesday for information leading to the arrest of a Chinese man and co-conspirators wanted for hacking computer firewalls.
Guan Tianfeng, 30, is believed to be living in China’s Sichuan Province, according to the State Department’s “Rewards for Justice” program.
An indictment charging Guan with conspiracy to commit computer fraud and conspiracy to commit wire fraud was unsealed on Tuesday.
Guan and co-conspirators at the Sichuan Silence Information Technology Co Ltd allegedly took advantage of a vulnerability in firewalls sold by UK-based cybersecurity company Sophos Ltd, according to the indictment.
“The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world,” Deputy Attorney General Lisa Monaco said in a statement.
Some 81,000 firewall devices were simultaneously attacked worldwide in April 2020, the indictment said.
“The zero-day vulnerability Guan Tianfeng and his co-conspirators found and exploited affected firewalls owned by businesses across the United States,” FBI agent Herbert Stapleton said.
“If Sophos had not rapidly identified the vulnerability and deployed a comprehensive response, the damage could have been far more severe.”
According to the indictment, Sichuan Silence sold its services and data it obtained through hacking to Chinese businesses and to government entities, including the Ministry of Public Security.
cl/des