Chinese Citizen Arrested by US in Connection with Sakula Malware

A Chinese national has been arrested by the FBI in connection with the distribution of the Sakula malware. This is the same malware that was used in the Anthem and OPM attacks, and many companies and international firms have been victims of it. The suspect, Yu Pingan, is 26 years old and from Shanghai. He was arrested in Los Angeles on August 21. Reportedly, the suspect had entered the US to attend a security conference.

According to authorities, Yu Pingan, along with two other unknown conspirators, was involved in infecting four US companies with the “Sakula” backdoor Trojan. The US Department of Justice has charged Yu in four hacking cases. He was working as a “malware broker”. Hacking has been a major problem for US government departments in the past few years. Between 2014 and 2015 alone, hackers were able to steal the personal records of more than 21 million government employees from the “US Office of Personnel Management” and more than 80 million medical records from “Anthem Inc.”, a health insurance company.

A US cyber-security firm has directly accused Yu of carrying out the breaches at “Anthem Inc.” and OPM. The firm has blamed a cyber-espionage unit named “Deep Panda”, which is also known as APT19. According to reports, Yu and the other conspirators possessed at least four zero-days, namely CVE-2014-0322 (affecting IE10), CVE-2012-4969 (affecting IE6), CVE-2012-4792 (affecting IE6), and an unnamed Flash Player zero-day that Yu mentioned in chat transcripts.