Article Details

Chinese hackers linked to cybercrime syndicate arrested in Singapore. Six Chinese nationals and a Singaporean have been arrested on Monday in Singapore for their alleged role in malicious cyber activities committed in connection with a "global syndicate." During raids on Monday, the police arrested six of the men and seized electronic devices with hacking tools installed and ready for carrying out cyberattacks, stolen personally identifiable information (PII), and credentials for servers known to be controlled by known hacker groups. The operation involved 160 officers of Singapore’s police, intelligence agencies, and internal security department. “On 9 September 2024, about 160 officers from the Singapore Police Force’s Criminal Investigation Department, Police Intelligence Department, Special Operations Command and the Internal Security Department conducted simultaneous raids at multiple residential locations island-wide,” reads the police’s announcement. “The operation led to the arrest of the six men who are believed to be linked to a global syndicate which conducts malicious cyber activities.” A seventh man, a Chinese national, was arrested separately, according to national news sources. Various electronic devices and $1,394,000 in cash and cryptocurrencies have been seized by the police, and will be examined as part of the ongoing investigations. The seven individuals arrested in Singapore are: PlugX is a remote access trojan (RAT) type of malware that is used as a backdoor on compromised systems. It has been associated with attack campaigns attributed to Chinese threat actors because it was observed since 2008 mostly in cyber espionage activities attributed to Chinese state-sponsored hacking groups. Among the known Chinese advanced threat actors that leveraged PlugX in cyber operations are APT10 (Stone Panda), APT41 (Winnti), and Mustang Panda. However, authorities in Singapore have not specified the threat group the men are believed to be associated with.