The United States government has announced a $10 million reward for information leading to the arrest of Guan Tianfeng, a 30-year-old Chinese hacker accused of carrying out large-scale cyberattacks.
Guan is believed to be living in Sichuan Province, China, according to the US State Department.
An indictment unsealed on Tuesday charged Guan with conspiracy to commit computer and wire fraud. The US Treasury Department also imposed sanctions on Sichuan Silence Information Technology Co. Ltd., the company Guan worked for.
Guan and his co-conspirators allegedly exploited vulnerabilities in firewalls produced by UK-based cybersecurity company Sophos Ltd. According to the indictment, they launched a massive attack in April 2020, targeting approximately 81,000 firewall devices globally, including 23,000 in the United States. Among these, 36 firewalls were protecting critical infrastructure systems.
Deputy Attorney General Lisa Monaco explained, “The defendant and his co-conspirators exploited a vulnerability in tens of thousands of network security devices, infecting them with malware designed to steal information from victims around the world.”
The hackers aimed to steal usernames, passwords, and other sensitive information from the targeted firewalls. They also attempted to infect the devices with ransomware, which could lock users out of their systems unless a ransom was paid.
Herbert Stapleton, an FBI agent, praised Sophos for quickly identifying the vulnerability, saying, “If Sophos had not rapidly identified the vulnerability and deployed a comprehensive response, the damage could have been far more severe.”
The indictment revealed that Sichuan Silence sold the stolen data and hacking services to Chinese businesses and government agencies, including the Ministry of Public Security.
The US government views this case as a significant threat to national security. “The zero-day vulnerability Guan Tianfeng and his co-conspirators found and exploited affected firewalls owned by businesses across the United States,” Stapleton added.
When contacted, a man at a phone number registered to Sichuan Silence declined to comment, stating, “The company does not accept interviews.” He also said Guan was “uncontactable” and refused to provide further information.
The US government has urged anyone with information about Guan or his co-conspirators to come forward.
