Skip to main content
Press Release

Chinese National Charged for Multi-Year “Spear-Phishing” Campaign

For Immediate Release
U.S. Attorney's Office, Northern District of Georgia

ATLANTA – Song Wu, a Chinese national, has been indicted on charges for wire fraud and aggravated identity theft arising from his efforts to fraudulently obtain computer software and source code created by the National Aeronautics and Space Administration (“NASA”), research universities, and private companies.

“Efforts to obtain our nation’s valuable research software pose a grave threat to our national security,” said U.S. Attorney Ryan K. Buchanan. “However, this indictment demonstrates that borders are not barriers to prosecuting bad actors who threaten our national security.”

“Once again, the FBI and our partners have demonstrated that cyber criminals around the world who are seeking to steal our companies’ most sensitive and valuable information can and will be exposed and held accountable,” said Keri Farley, Special Agent in Charge of FBI Atlanta. “As this indictment shows, the FBI is committed to pursuing the arrest and prosecution of anyone who engages in illegal and deceptive practices to steal protected information.”

According to U.S. Attorney Buchanan, the indictment, and other information presented in court: Song allegedly engaged in a multi-year “spear phishing” email campaign in which he created email accounts to impersonate U.S.-based researchers and engineers and then used those imposter accounts to obtain specialized restricted or proprietary software used for aerospace engineering and computational fluid dynamics. This specialized software could be used for industrial and military applications, such as development of advanced tactical missiles and aerodynamic design and assessment of weapons.

In executing the scheme, Song allegedly sent spear phishing emails to individuals employed in positions with the United States government, including NASA, the U.S. Air Force, Navy, and Army, and the Federal Aviation Administration.  Song also sent spear phishing emails to individuals employed in positions with major research universities in Georgia, Michigan, Massachusetts, Pennsylvania, Indiana, and Ohio, and with private sector companies that work in the aerospace field. Song’s spear phishing emails appeared to the targeted victims as having been sent by a colleague, associate, friend, or other person in the research or engineering community. His emails requested that the targeted victim send or make available source code or software to which Song believed the targeted victim had access.

According to the indictment, while conducting this spear phishing campaign, Song was employed as an engineer at Aviation Industry Corporation of China (“AVIC”), a Chinese state-owned aerospace and defense conglomerate headquartered in Beijing, China.  AVIC manufactures civilian and military aircrafts and is one of the largest defense contractors in the world.

Song Wu, 39, of China is charged with 14 counts of wire fraud and 14 counts of aggravated identity theft.  Song faces a maximum statutory sentence of 20 years in prison for each count of wire fraud. Song faces a mandatory, two-year consecutive sentence in prison if convicted of aggravated identity theft.

Members of the public are reminded that the indictment only contains charges.  The defendant is presumed innocent of the charges and it will be the government’s burden to prove the defendant’s guilt beyond a reasonable doubt at trial.

This case is being investigated by the Federal Bureau of Investigation and the NASA – Office of Inspector General.

Assistant U.S. Attorney Samir Kaushal is prosecuting the case. Within the National Security Division, this matter is being handled by Trial Attorney Tanner Kroeger of the National Security Cyber Section with assistance from the Counterintelligence and Export Control Section.

This case is being coordinated by the Disruptive Technology Strike Force, an interagency law enforcement strike force co-led by the Departments of Justice and Commerce designed to target illicit actors, protect supply chains, and prevent critical technology from being acquired by authoritarian regimes and hostile nation-states. Under the leadership of the Assistant Attorney General for National Security and the Assistant Secretary of Commerce for Export Enforcement, the Strike Force leverages tools and authorities across the U.S. Government to enhance the criminal and administrative enforcement of export control laws.

For further information please contact the U.S. Attorney’s Public Affairs Office at USAGAN.PressEmails@usdoj.gov or (404) 581-6016.  The Internet address for the U.S. Attorney’s Office for the Northern District of Georgia is http://www.justice.gov/usao-ndga.

Updated September 16, 2024

Topics
Cybercrime
Identity Theft