What is PLA Unit 61398 and who are the five Chinese hackers?


What is Unit 61398?


Photo: Reuters

Unit 61398 is a mysterious division of the Chinese military, and rumoured responsible for many cyber attacks against Western businesses.

The unit is housed in a 12-storey building near Shanghai, and is beloieved to be made up of thousands of cyber troops that follow command of the People’s Liberation Army.

Jen Weedon, threat intelligence manager at FireEye, a US cybersecurity firm, said that China is unique in that it uses its military to gain commercial advantages over foreign competitors.

"What makes Unit 61398 stand out is that it is operating under government orders but carrying out espionage for corporate reasons," she said.

Who are the alleged hackers?


Wang Dong, known by his online pseudonym Ugly Gorilla, has been active on Chinese military forums since 2004. In 2013, security firm Mandiant tracked an online user going by the name of UglyGorilla and traced his IP address to the Shanghai base of Unit 61398.

Wang is alleged to have controlled victims’ computers.


Sun Kailiang, who went by the name of Jack Sun, held the rank of captain during the early stages of the investigation, and was caught both sending malicious e-mails and controlling victim computers.


WinXYHappy, also known as Wen Zinyu, allegedly controlled victims’ computers.


Huang Zhenyu, going by the online persona of Hzy_lhx, was a computer programmer who managed the domain accounts of the other hackers in the group.


Gu Chunhui, aka KandyGoo, tested malicious e-mail messages and also managed the domain accounts used by the others.


Comments (0)

Leave a Reply

Your email address will not be published. Required fields are marked *


  • Favorite list is empty.
FavoriteLoadingClear favorites

Your favorite posts saved to your browsers cookies. If you clear cookies also favorite posts will be deleted.