US offers $10 million for leads on Chinese hacker

The United States has offered a $10 million reward for information leading to the arrest of Guan Tianfeng, a Chinese hacker, and his co-conspirators involved in breaching computer firewalls, AFP reported.

Guan, 30, is believed to reside in Sichuan Province, China, according to the State Department.

On Tuesday, an indictment was unsealed charging Guan with conspiracy to commit computer and wire fraud. The Treasury Department also imposed sanctions on his employer, Sichuan Silence Information Technology Co. Ltd.

Guan and his team allegedly exploited a vulnerability in firewalls sold by UK-based cybersecurity firm Sophos Ltd. This breach affected tens of thousands of network security devices globally, allowing them to deploy malware that stole sensitive information, including usernames, passwords, and even attempted ransomware attacks.

In April 2020, around 81,000 firewall devices worldwide were compromised, with over 23,000 of them located in the U.S., including 36 protecting critical infrastructure.

FBI agent Herbert Stapleton emphasized the potential severity of the breach, stating that had Sophos not acted quickly, the damage could have been far worse.

The indictment also claims that Sichuan Silence sold the stolen data and hacking services to Chinese businesses and government entities, including the Ministry of Public Security.