Sealed Grand Jury Original Indictment charging wire fraud, computer fraud, unauthorized access to protected computers, aggravated identity theft, and forfeiture based on PlugX-enabled intrusions
United States of America v. Yin Kecheng
Date of Court Filing: May 2, 2018
Court Name: United States District Court
Court Jurisdiction: District of Columbia
Case Number: 1:18-cr-00126 (APM)
Document Summary
This federal indictment against Yin Kecheng concerns PlugX malware intrusions and the targeting of defense-related organizations. It alleges a years-long scheme to penetrate U.S. technology, engineering, aerospace, and policy organizations. The indictment states that the defendant targeted multiple victims, including defense contractors, an aerospace components supplier, and Washington-based research and policy think tanks, using malware disguised as legitimate software, stolen credentials, fraudulent domains, fraudulent subdomains, and intermediary “hop points” designed to conceal identity and route command traffic. The filing is particularly notable for its detailed explanation of how PlugX malware allegedly operated: beaconing from victim systems to attacker-controlled infrastructure, remote browsing and copying of files, exfiltration of hundreds of gigabytes of proprietary business information, and movement across victim networks using stolen employee credentials. Those details make the indictment highly searchable for terms such as PlugX indictment, cyber espionage against defense contractors, fraudulent domains, command-and-control beacons, and malware-enabled wire fraud.
