The United States government on Tuesday announced a $10 million reward for information leading to the arrest of Guan Tianfeng, a Chinese hacker, and his co-conspirators. Guan, 30, is accused of hacking computer firewalls and is believed to reside in Sichuan Province, China.
The State Department disclosed that Guan faces charges of conspiracy to commit computer and wire fraud.
In a related move, the Treasury Department imposed sanctions on his employer, Sichuan Silence Information Technology Co. Ltd.
According to the indictment, Guan and his associates exploited a vulnerability in firewalls developed by UK-based cybersecurity firm Sophos Ltd. Deputy Attorney General Lisa Monaco stated, “The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world.”
The cyberattack, which occurred in April 2020, targeted approximately 81,000 firewall devices globally, including 23,000 in the United States. Among the affected systems, 36 belonged to critical infrastructure companies, according to the Treasury. The hackers used malware to extract sensitive data such as usernames and passwords and attempted to deploy ransomware.
FBI agent Herbert Stapleton commended Sophos for its rapid response, noting that the company’s quick action mitigated what could have been a far more devastating breach. “The zero-day vulnerability Guan Tianfeng and his co-conspirators found and exploited affected firewalls owned by businesses across the United States,” he added.
The indictment also alleges that Sichuan Silence sold stolen data and hacking services to Chinese businesses and government entities, including the Ministry of Public Security.
A representative of Sichuan Silence declined to comment on the allegations or sanctions, stating that the company does not accept interviews.
The United States continues to offer rewards for information on cybercriminals as part of its strategy to combat global cyber threats.
