Crisis Management for a Conflict with North Korea
This is the best North Korea conflict crisis support available today. Predict, plan, build, prepare, train, and test in the right way.
Chinese trio entered Singapore on fraudulent work permits to hack websites for criminal, were found with data of foreign governments
Channel News Asia | English | News | Nov. 7, 2025 | Cyber Attacks and Data Loss
Three Chinese men from Henan entered Singapore on fraudulent work permits arranged by a Ni-Vanuatu citizen, Xu Liangbiao, under false pretenses in 2022. They were housed in a bungalow with expenses paid and tasked with hacking gambling websites and a Chinese SMS service company to obtain illicit data. Between September 2022 and May 2023, the trio carried out cyber intrusions, exploiting vulnerabilities and deploying malware, including remote access trojans associated with advanced persistent threat groups like Shadow Brokers and plugX, although they denied direct links to such groups.
Their activities involved gathering sensitive data such as personal details from gambling site users, Philippine power company information, and traffic data from the targeted SMS service. Despite attempts to avoid Singaporean and government websites, data related to foreign governmental domains — including those of Australia, Argentina, Vietnam, and Kazakhstan — were found on their devices. The trio was paid approximately US$3 million in cryptocurrency for their work, sharing some of it with another hacker in Singapore. Police raided their Mount Sinai residence in September 2024, seizing laptops, malware files, and cash.
Xu had arranged the false work permits fraudulently and disappeared from Singapore in August 2023 ahead of a police crackdown on a money laundering ring. The men received prison sentences on November 5, 2025: Yan Peijian was sentenced to 28 months and one week, Huang Qin Zheng to the same, and Liu Yuqi to 28 months and four weeks. Prosecutors highlighted the reputational damage to Singapore as a cybercrime hub despite the trio avoiding local targets. Defense lawyers argued the men were not initially intending to commit crimes and claimed limited hacking success, but the court found them guilty of their key roles in a sophisticated and well-funded criminal operation that posed significant risks to international cybersecurity.