Multiple victims across technology, telecommunications, government, defense, education, and manufacturing sectors globally

Case #532
Source: FBI Wanted · Updated Mar 15, 2026
International (multiple countries including United States, Australia, Brazil, Germany, India, Japan, Sweden, and others)
Federal Bureau of Investigation (FBI) and U.S. Department of Justice
Cold Case · Open
6 years waiting · since 2019

APT 41 GROUP

Justice for multiple victims across technology, telecommunications, government, defense, education, and manufacturing sectors globally: the trail went cold in 2019, but the truth hasn't.

Start here

Key leads to think about

Lead #1 (suspect)

What is the current location and operational status of the five indicted APT 41 members, particularly their connection to Chengdu 404 Network Technology Company?

Lead #2 (evidence)

How did APT 41 conduct supply chain attacks to compromise hundreds of organizations across multiple continents, and what technical tools and infrastructure remain active?

Lead #3 (location)

Which specific telecommunications providers in the United States and Asia-Pacific were targeted, and what sensitive data or network access was compromised?

APT 41, a Chinese state-sponsored hacking group, conducted sophisticated cyber attacks targeting hundreds of companies globally across technology, telecommunications, government, and defense sectors from 2019 onward. Five Chinese nationals—ZHANG Haoran, TAN Dailin, QIAN Chuan, FU Qiang, and JIANG Lizhi—were indicted on charges including unauthorized computer access, identity theft, money laundering, racketeering, and ransomware deployment. The group remains at large, and investigators continue seeking information about their operational infrastructure, victim networks, and financial flows to dismantle this transnational cyber threat.

More leads to consider

Beyond the top three above — each detail below could be the thread that pulls this case open.

Lead #4 (clue)

What financial institutions or payment channels were used to launder ransomware payments and proceeds from cyber extortion schemes?

Official wording

Source Narrative

Caution: ZHANG Haoran, TAN Dailin, QIAN Chuan, FU Qiang, and JIANG Lizhi are all part of a Chinese hacking group known as APT 41 and BARIUM. On August 15, 2019, a Grand Jury in the District of Columbia returned an indictment against Chinese nationals ZHANG Haoran and TAN Dailin on charges including Unauthorized Access to Protected Computers, Aggravated Identity Theft, Money Laundering, and Wire Fraud.

These charges primarily stemmed from alleged activity targeting high technology and video gaming companies, and a United Kingdom citizen. On August 11, 2020, a Grand Jury in the District of Columbia returned an indictment against Chinese nationals QIAN Chuan, FU Qiang, and JIANG Lizhi on charges including Racketeering, Money Laundering, Fraud, Identity Theft, and Access Device Fraud.

These charges stem from their alleged unauthorized computer intrusions while employed by Chengdu 404 Network Technology Company. The defendants allegedly conducted supply chain attacks to gain unauthorized access to networks throughout the world, targeting hundreds of companies representing a broad array of industries to include: social media, telecommunications, government, defense, education, and manufacturing.

These victims included companies in Australia, Brazil, Germany, India, Japan and Sweden. The defendants allegedly targeted telecommunications providers in the United States, Australia, China (Tibet), Chile, India, Indonesia, Malaysia, Pakistan, Singapore, South Korea, Taiwan, and Thailand.

The defendants allegedly deployed ransomware attacks and demanded payments from victims.

Timeline of Events

2019-08-15: First Indictment Returned

Grand Jury in the District of Columbia indicted ZHANG Haoran and TAN Dailin on charges of unauthorized computer access, identity theft, money laundering, and wire fraud targeting high technology and video gaming companies.

2020-08-11: Second Indictment Returned

Grand Jury in the District of Columbia indicted QIAN Chuan, FU Qiang, and JIANG Lizhi on charges of racketeering, money laundering, fraud, identity theft, and access device fraud related to supply chain attacks.

Case Information

Incident: August 15, 2019
Last Updated: June 14, 2026
