Chinese man charged over US hack attacks Published duration 25 August 2017

image copyright Reuters image caption The arrest was made soon after Mr Yu touched down in Los Angeles

A Chinese man has been arrested in the US for allegedly selling malware used to hack into American companies.

US authorities claim in court papers that Yu Pingan bought and sold malicious software including the rarely used Sakula program.

That malware has been implicated in the 2014 hack attack on the US federal Office of Personnel Management (OPM).

Information on a huge number of US workers employed in sensitive or secret work was stolen in that data breach.

Software bugs

Mr Yu was arrested earlier this week soon after he disembarked from a flight that landed at Los Angeles international airport. He has been charged with breaching computer networks owned by several US firms.

Legal papers filed to support the arrest do not explicitly mention the OPM as one of the targets of the suspected attacks. Instead, they claim Mr Yu was a key member of a gang that carried out hack attacks on US firms between 2011 and 2014.

The hackers are alleged to have used fake web domains and previously unseen software vulnerabilities to gain a foothold on the networks of companies being targeted, say the court documents.

The targeted firms have not been named but the papers say they were based in California, Massachusetts and Arizona.