State-Sponsored Chinese Hacking Group Targeting Crypto Firms: Report

An intelligence company released a report indicating the connection between Chinese authorities and a crypto-exploitative hacking collective.

AccessTimeIconAug 8, 2019 at 1:30 a.m. UTC
Updated Sep 13, 2021 at 11:18 a.m. UTC
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

A Chinese espionage operator is attacking crypto firms during state-sponsored campaigns, according to a FireEye Threat Intelligence report published August 2.

The intelligence company “assesses with high confidence” that APT41, a hacking collective, has moved on from financially motivated attacks of video game companies to working alongside the Chinese government. The report was first uncovered by CoinTelegraph.

Reportedly, the hacker group “targets industries in a manner generally aligned with China's Five-Year economic development plans.”

In addition to targeted attacks of healthcare, telecoms, fintech, and film and media companies, evidence suggest APT41 has infiltrated and phished a number of firms operating in the crypto industry.

In June 2018, APT41 sent spear-phishing emails that prompted targets to join a cryptocurrency-denominated decentralized gaming platform to game studios.

The same month, a crypto exchange was targeted by the same email address, reportedly operated by one Tom Giardino.

Furthermore, in at least one instance, the hacking group deployed malicious code that uploads a monero mining bot on a target’s computer, in what is developing into a common form of cyber extortion.

Hacker photo via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to to register and buy your pass now.