Multiple international organizations and companies in technology, telecommunications, government, defense, education, and manufacturing sectors

Case #532
Source: FBI Wanted · Updated Mar 15, 2026
Federal Bureau of Investigation (FBI); U.S. District Court for the District of Columbia
Cold Case · Open
6 years waiting · since 2019

APT 41 GROUP

Justice for multiple international organizations and companies in the technology, telecommunications, government, defense, education, and manufacturing sectors: the trail went cold in 2019, but the truth hasn't.

Key leads to think about

Lead #1 (suspect): What is the current location and status of the five indicted Chinese nationals, and are international extradition efforts underway?

Lead #2 (evidence): How did APT 41 identify and exploit specific supply chain vulnerabilities across hundreds of companies in multiple countries?

Lead #3 (clue): What specific ransomware variants were deployed, and can payment records help identify additional victims or accomplices?

APT 41, a Chinese hacking group also known as BARIUM, conducted sophisticated cyber attacks targeting high-technology companies, video gaming firms, and government entities worldwide between 2019 and 2020. Five Chinese nationals—ZHANG Haoran, TAN Dailin, QIAN Chuan, FU Qiang, and JIANG Lizhi—were indicted on charges including unauthorized computer access, identity theft, money laundering, racketeering, and ransomware deployment affecting hundreds of victims across multiple continents. The case remains active as authorities work to locate and apprehend the defendants, who allegedly exploited supply chain vulnerabilities to compromise networks in telecommunications, defense, education, and manufacturing sectors.

More leads to consider

Beyond the top three above — each detail below could be the thread that pulls this case open.

Lead #4 (location): What role did Chengdu 404 Network Technology Company play in coordinating these attacks, and are other Chinese entities involved?

Lead #5 (timeline): What was the full scope and timeline of the supply chain attacks, and were there earlier undetected intrusions before the 2019-2020 indictments?

Official wording

Source Narrative

Caution: ZHANG Haoran, TAN Dailin, QIAN Chuan, FU Qiang, and JIANG Lizhi are all part of a Chinese hacking group known as APT 41 and BARIUM. On August 15, 2019, a Grand Jury in the District of Columbia returned an indictment against Chinese nationals ZHANG Haoran and TAN Dailin on charges including Unauthorized Access to Protected Computers, Aggravated Identity Theft, Money Laundering, and Wire Fraud.

These charges primarily stemmed from alleged activity targeting high technology and video gaming companies, and a United Kingdom citizen. On August 11, 2020, a Grand Jury in the District of Columbia returned an indictment against Chinese nationals QIAN Chuan, FU Qiang, and JIANG Lizhi on charges including Racketeering, Money Laundering, Fraud, Identity Theft, and Access Device Fraud.

These charges stem from their alleged unauthorized computer intrusions while employed by Chengdu 404 Network Technology Company. The defendants allegedly conducted supply chain attacks to gain unauthorized access to networks throughout the world, targeting hundreds of companies representing a broad array of industries to include: social media, telecommunications, government, defense, education, and manufacturing.

These victims included companies in Australia, Brazil, Germany, India, Japan and Sweden. The defendants allegedly targeted telecommunications providers in the United States, Australia, China (Tibet), Chile, India, Indonesia, Malaysia, Pakistan, Singapore, South Korea, Taiwan, and Thailand.

The defendants allegedly deployed ransomware attacks and demanded payments from victims.

Timeline of Events

2019-08-15: First Indictment

Grand Jury in the District of Columbia indicted ZHANG Haoran and TAN Dailin on charges of Unauthorized Access to Protected Computers, Aggravated Identity Theft, Money Laundering, and Wire Fraud related to attacks on high-technology and video gaming companies.

2020-08-11: Second Indictment

Grand Jury in the District of Columbia indicted QIAN Chuan, FU Qiang, and JIANG Lizhi on charges of Racketeering, Money Laundering, Fraud, Identity Theft, and Access Device Fraud stemming from supply chain attacks and ransomware deployment.

Case Information

Incident: August 15, 2019
Last Updated: April 29, 2026
