Six hackers who worked under the spies were also named, and two men who worked for the French company. The Justice Department was able to secure extradition for a Chinese Ministry of State Security officer for the first time this month after he was lured to Belgium on a mission to obtain data stolen by an engineer working for G.E. Aviation. They also accused them of working with two employees in a Jiangsu province office of the unnamed French aerospace manufacturer, Gu Gen and Tian Xi, who had been recruited to act as spies by the Chinese intelligence officers. This was stated by us prosecutors, writes The Guardian.
"The concerted effort to steal, rather than simply purchase, commercially available products should offend every company that invests talent, energy, and shareholder money into the development of products".
The hackers used spear phishing to deploy malware and other means to intrude into a French aerospace company that was developing the engines with a US company, prosecutors said. Two of the aerospace companies are French and one is British.
Earlier this month, the Justice Department announced it had arrested a spy for China's Ministry of State Security on charges of economic espionage and attempting to steal trade secrets from several USA aviation and aerospace companies. Other intrusions occured at aerospace companies based in Arizona, Massachusetts and Oregon. Other victims included a company in Wisconsin, companies based in the United Kingdom, and a "multinational conglomerate". Chai Meng, who is also known as "Cobain", coordinated the hackers and the activity of two Chinese employees of the French company, who also were charged for their role in facilitating the technology theft, US officials said.
The first hack took place around January 8, 2010, against Capstone Turbine, a Los Angeles gas turbine manufacture. (While the indictment doesn't provide specifics, the incident nearly certainly involved the group's reported hijacking of nytimes.com by first hacking Melbourne IT, the nytimes.com Australia-based domain registrar.) In early December 2013, prosecutors said, members of the conspiracy used the same tactic to hack the Australian registrar again, this time to hijack domain names of one of the targeted technology companies.
Hackers used phishing for the introduction of malware and other tools in the network of French aerospace company that developed engines in conjunction with the American company. The company had offices in Suzhou, Jinagsu province. Two types of malware, Sakula and IsSpace, were used by the defendants, to access the email recipients' computers. Can you take the Frenchmen out to dinner tonight? Gu, identified as the head of Information Technology and Security at the French company facility in Suzhou, notified the Chinese intelligence group that the malware had been detected on the company computers.
This alleged scheme involved multiple cyber attacks that ranged from hacking into companies so that they could send fake emails from corporate accounts to creating fake websites to try to trick people into handing over their passwords.
"I believe that the novelty and rarity of this malware is evidence that only a small group of hackers knew of it and that they were working together", a San Diego cybersquad Federal Bureau of Investigation agent noted in the complaint against the malware broker, Pingan Yu.