Newark, NJ – An indictment unsealed today charged four Vietnamese nationals for their roles in a series of cyberattacks on U.S. companies, causing over $71 million in losses, announced U.S. Attorney Philip R. Sellinger.
The indicted individuals, Ta Van Tai, aka “Quynh Hoa,” aka “Bich Thuy”; Nguyen Viet Quoc, aka “Tien Nguyen”; Nguyen Trang Xuyen; and Nguyen Van Truong, aka “Chung Nguyen,” were members of the international cybercrime group “FIN9.” From May 2018 through October 2021, the defendants allegedly hacked computer networks of U.S. companies, stealing non-public information, employee benefits, and funds.
“The FIN9 defendants were prolific international hackers who, for years, allegedly used phishing campaigns, supply chain attacks, and other hacking methods to steal millions from their victims,” stated U.S. Attorney Sellinger. He emphasized that despite their efforts to hide behind technology, the Department of Justice successfully identified them.
FBI – Newark Special Agent in Charge James E. Dennehy noted, “Cyber actors cloak themselves in the virtual world, hiding in a space most people can’t see and don’t understand. However smart these hackers believe they are at disguising themselves, these members of the FIN9 group couldn’t conceal their exfiltration of data from their victims’ companies.”
The defendants gained unauthorized access to victim companies’ networks through phishing campaigns and supply chain attacks. Once inside, they exfiltrated non-public information, employee benefits, and funds. The defendants redirected digital employee benefits, such as gift cards, to accounts they controlled and stole gift card information from certain victims.
Authorities urge any business facing similar attacks to contact the FBI immediately to protect their systems and prevent further criminal activity.