FBI: Chinese malware possibly behind OPM hack

Indications the U.S. government believes China is behind the massive government data breach are piling up.

The FBI warned companies Wednesday night about malicious software that security experts have tied to Chinese hackers, The Daily Beast reported.

The message, known as a “flash” alert, provided technical details about the Sakula malware. It was apparently a resend of an identical memo sent out June 5, the day after the Obama administration first revealed the data breach at the Office of Personnel Management (OPM).

In the alert, the FBI said hackers had recently used Sakula to steal “sensitive business information and personally identifiable information,” which would include names, dates of birth, and Social Security numbers.

Such data, the alert said, was a “priority target” for the cyberattackers.

Sakula is the malware of choice for a prominent Chinese hacking group that has targeted many U.S. businesses. It’s also the malware that was behind the mammoth data breaches at health insurers Anthem and Premera Blue Cross.

Security firms had previously tied the cyberattacks on both health insurers to the crippling hacks at the OPM, which have likely exposed well over 18 million current and former government employees' sensitive information.

But Wednesday’s memo is further evidence the government also thinks the incidents are linked. While the government has not publicly blamed China, Director of National Intelligence James Clapper has called China the “leading suspect” in the OPM breach.

It’s believed Chinese hackers were targeting the health insurers and the OPM as part of a cyber espionage scheme to build a comprehensive database on U.S. federal workers.

Sensitive information on government employees can be used to stage future cyberattacks, digitally imitate or blackmail officials, or even to recruit informants.