U.S. authorities have arrested a Chinese national, saying he provided a hacking tool that was used to breach major corporations and was linked to a 2015 data hack of the U.S. Office of Personnel Management.
That hack involved the theft of security clearance records of millions of American government employees.
Yu Pingan, 36, was arrested Monday at Los Angeles International Airport on a federal criminal complaint saying he was providing malicious code linked to cyber-attacks against U.S. government data in 2015, Reuters reported.
The suspect – who authorities said used the pseudonym GoldSun – was also accused of conspiring with two other Chinese individuals to hack four unnamed U.S. companies using a rare piece of software called Sakula – the same program used in U.S. government hacks.
FBI Special Agent Adam James said in an affidavit filed with a court that the FBI is after a group of hackers who compromised companies’ computer networks with “an uncommon malicious software tool known as ‘Sakula,’” and other hacking tools, the Wall Street Journal reported.
Seized communications revealed that Yu had provided the software to others and was aware that the malware would be used to breach data, James said.
According to Adam Meyers, vice president of cybersecurity company CrowdStrike Inc., the Sakula software has often been used against “a number of high-profile targets.”
“Over the 2012 to 2015 timeframe, we saw lots of significant breaches involving Sakula,” Meyers told the Wall Street Journal.
The arrest of Yu is one of the first cases brought against a Chinese national based on the Computer Fraud and Abuse Act following a 2015 agreement between President Barack Obama and Chinese President Xi Jinping to stop theft of industrial trade secrets, the New York Times reported.
The federal complaint, according to the Times, claims that the suspect has been using the malicious software since 2012, and the FBI agents suggest Yu is among a small circle of Chinese hackers using the code.
The Office of Personnel Management breach, which started in 2014 and was discovered in 2015, let hackers steal personal information of government employees, including addresses, health and financial histories, and fingerprints, the Times reported.
The federal criminal complaint, however, does not accuse Yu of personally being responsible for the hacking of the Office of Personnel Management – only of providing the malware.
Michael Berg, Yu’s court-appointed attorney, claimed the detained man is not affiliated with the Chinese government and is merely a teacher.
"He says he has no involvement in this whatsoever," the attorney said, according to Reuters, adding that he came to the U.S. for a conference.