Grand Jury Original Indictment charging conspiracy, wire fraud, unauthorized access to protected computers, intentional damage to protected computers, aggravated identity theft, and money laundering
United States of America v. Yin Kecheng and Zhou Shuai
Date of Court Filing: March 28, 2023
Court Name: United States District Court
Court Jurisdiction: District of Columbia
Case Number: 1:23-cr-00099 (APM)
Document Summary
This federal indictment charges Yin Kecheng and Zhou Shuai, alleged nationals of the People’s Republic of China, in a long-running computer intrusion and data-brokering conspiracy targeting U.S. technology companies, cleared defense contractors, a law firm, a managed communications provider, a county government, an academic health system, an engineering and research organization, and a defense-policy think tank. The charging document describes a campaign spanning at least June 2018 through November 2020 and alleges use of shared malicious infrastructure, command-and-control servers, leased hop points, web shells, VPN persistence, stolen credentials, vulnerability scanning, internal network pivoting, and exfiltration of valuable proprietary data. A particularly important feature is its discussion of exploitation of the publicly known SharePoint vulnerability CVE‑2019‑0604, which the conspirators allegedly leveraged together with widely available exploit code and consistent web-shell deployment. That makes the indictment especially relevant for searches involving PRC cyber espionage indictment, CVE‑2019‑0604 exploitation, web shell prosecution, defense contractor hacking, and cyber-enabled data brokering.
What distinguishes this filing from a simple hacking indictment is the way it blends intrusion conduct with a monetization narrative. The government alleges that the defendants not only breached victim networks but also sold stolen data and access to compromised systems to interested customers, discussed pricing, and routed bitcoin payments through U.S. correspondent processors to lease infrastructure used in the scheme. The indictment also includes victim-specific counts, aggravated identity theft counts tied to named employees and customers, and a money-laundering count for payments used to promote the hacking enterprise. From an SEO perspective, the document is dense with high-value terms such as Chinese hacking conspiracy, command-and-control servers, data exfiltration, stolen credentials, wire fraud, computer fraud, cybercrime indictment, cyber espionage, think tank hacking, and protected computer damage. It is a significant federal pleading linking espionage-style intrusions to commercial resale and infrastructure financing.
