A Chinese national was arrested in Los Angeles earlier this week on charges he used a rare type of computer malware that was also deployed to access millions of sensitive US records from the Office of Personnel Management.
Court papers filed against Yu Pingan do not mention OPM, but they do suggest a connection between the two. The OPM hack is considered one of the worst-ever computer breaches of US government computer systems, because the hackers were able to access a huge volume of information from security clearance forms filed by federal workers and contractors.
The suspect, along with other conspirators in China “would acquire and use malicious software tools, some of which were rare variants previously unidentified by the FBI and information security community, including a malicious software tool known as ‘Sakula’,” the criminal complaint states.
The Sakula malware has previously been linked to the OPM hack, as well as other suspected computer system penetrations in the United States.
Yu, 36, was arrested Monday night when he flew into Los Angeles International Airport, officials said.
US officials have previously said the Chinese government is responsible for the OPM hack, which breached major databases and exposed the sensitive information of about 22.1 million people, including not just federal employees and contractors but their families and friends.
The charges filed against Yu concern earlier alleged computer breaches of three US companies. He is accused of conspiracy to commit computer hacking for those incidents, which took place from 2012 to 2014.