The U.S. Department of Justice has indicted 12 Chinese nationals, including two officials from China’s Ministry of Public Security (MPS), for orchestrating extensive hacking operations targeting American government agencies on behalf of Beijing. The accused are linked to a decade-long hacker-for-hire campaign commissioned by Chinese intelligence and police agencies, operating through a company named i-Soon. They allegedly sold stolen data to Chinese security agencies, with prices ranging from $10,000 to $75,000 per exploited email inbox.
The hacking activities targeted various sectors, including religious organizations, rights groups, media outlets critical of the Chinese government, and foreign ministries in Taiwan, India, South Korea, and Indonesia. Notably, the U.S. Defense Intelligence Agency and the Department of Commerce were among the victims.
This case underscores China’s use of third-party companies to achieve its cyber objectives against U.S. interests. The Chinese embassy in Washington has condemned the U.S.’s actions as unwarranted cybersecurity smears.
In a related development, the U.S. Treasury Department has sanctioned Shanghai Heiying Information Technology Company and its owner, Zhou Shuai, for selling stolen data and network access from critical U.S. infrastructure. Zhou Shuai and previously sanctioned hacker Yin Kecheng, implicated in a 2024 attack on the U.S. Treasury, were also indicted.
These actions highlight the U.S. government’s ongoing efforts to counter cyber threats and protect national security.