一中國公民因傳播惡意軟件被FBI逮捕

A Chinese citizen has been charged by the FBI with distributing the malicious software used to steal files on more than 25m people from the US Office of Personnel Management in 2014.

美國聯(lián)邦調查局(FBI)指控一名中國公民傳播一款惡意軟件。2014年，有人使用該軟件從美國人事管理局(OPM)盜取了逾2500萬人的文件。

Yu Pingan was arrested at Los Angeles international airport on Wednesday as he arrived in the US for a conference, CNN reported, citing an FBI spokesperson.

周三，俞平安(Yu Pingan，音譯)為參加一次大會到達美國時，在洛杉磯國際機場被捕，美國有線電視新聞網(CNN)援引FBI發(fā)言人的話報道稱。

Mr Yu is not charged with hacking the OPM himself, but rather “with conspiring to commit fraud in connection with computers”, according to an FBI indictment.

FBI的起訴書顯示，俞平安被控的罪名不是他本人對OPM發(fā)起黑客攻擊，而是“與其他人共謀實施與計算機相關的欺詐”。

The FBI alleges in the indictment that Mr Yu provided malware – including the “rarely-used Sakula virus” later employed in the OPM breach – to two unnamed hackers, allowing them to target computer networks owned by US companies.

FBI在起訴書中指稱，俞平安把惡意軟件——包括后來被入侵OPM過程中使用的“很少用到的Sakula病毒”——提供給了兩個不知姓名的黑客，使他們得以瞄準美國公司的計算機網絡。

Mr Yu appears to have been aware that his activities could draw the bureau’s attention, based on an excerpt reproduced in the indictment from a conversation on July 27, 2011 with one of his handlers:

根據(jù)起訴材料中一段2011年7月27日他與幾名處理者之一的對話錄音，俞平安似乎意識到，他的行為可能引起FBI的注意：

YU: Lost the shell [access to the RAT], but should be able to get it back.

俞平安: 失去了殼 [對RAT的訪問權限]，但應該能夠把它拿回來。

UCC #2: Be careful about security UCC #2:

注意安全性

YU: Um

俞平安: 嗯

UCC #2: Don’t draw the attention of the FBI. UCC #2:

不要引起FBI的注意。

The malware in question, Sakula, was identified by the FBI in 2015 as having been used in both the OPM breach and that of US insurer Anthem, which saw data for as many as 80m of its customers exposed.

2015年，F(xiàn)BI發(fā)現(xiàn)惡意軟件Sakula被用于入侵OPM和美國保險公司Anthem的兩起事件。在后一起事件中，多大8000萬名客戶的資料被泄露。

In June of that year James Clapper revealed that China was the “leading suspect” in the OPM breach after the Financial Times reported earlier that month that evidence pointed to the incident originating in China. OPM director Katherine Archuleta was ultimately forced to resign the following month as more detail on the scale of the breaches came to light.

當年6月，詹姆斯•克拉珀(James Clapper)披露稱，中國是OPM遭入侵的“主要嫌疑對象”——在那之前，英國《金融時報》在月初報道稱，證據(jù)說明發(fā)起攻擊的源頭在中國。隨著有關攻擊規(guī)模的更多細節(jié)被曝光，OPM局長凱瑟琳•阿丘利塔(Katherine Archuleta)在隨后的一個月被迫辭職。

Mr Yu is the second individual this month arrested in a US airport on charges of creating malware. Marcus Hutchins, British cyber security researcher who helped stop the spread of the WannaCry ransomware, was arrested as he tried to fly home from Las Vegas on charges that he assisted with the creation of malicious software targeting banks.

俞平安是本月在美國機場因創(chuàng)制惡意軟件被捕的第二人。曾幫助阻止“想哭”(WannaCry)勒索軟件傳播的英國網絡安全研究人員馬庫斯•哈欽斯(Marcus Hutchins)正要從拉斯維加斯乘飛機回家時被捕，罪名是他協(xié)助創(chuàng)制了針對銀行的惡意軟件。