The US Justice Department has charged five Chinese citizens with hacks targeting more than 100 companies and institutions in the United States and abroad.
The attacks focused on the bilion-dollar social media and video game industry as well as universities and telecommunications providers, officials said on Wednesday.
The five defendants remain fugitives but prosecutors say two Malaysian businessmen charged with conspiring with the hackers for profit were arrested in Malaysia this week and face extradition proceedings.
The indictments are part of a broader effort by the Trump administration to call out cybercrimes by China.
In July, prosecutors accused hackers of working with the Chinese government to target companies developing coronavirus vaccines and stealing hundreds of millions of dollars in intellectual property and trade secrets.
Though those allegations were tailored to the pandemic, the charges announced on Wednesday - and range of victims identified - were much broader and involved attacks both for monetary gain and espionage purposes.
In unsealing three related indictments, officials laid out a wide-ranging hacking scheme targeting a variety of business sectors and academia and carried out by a China-based group known as APT41.
That group has been tracked by the cybersecurity firm Mandiant Threat Intelligence, which described the hackers as prolific and successful at blending criminal and espionage operations.
The hackers relied on a series of tactics, including compromising the networks of the software providers, modifying source code and conducting secondary attacks on customers.
The Justice Department did not directly link the hackers to the Chinese government.
However officials said the hackers were probably serving as proxies for Beijing because some of the targets, including pro-democracy activists and students at a Taiwan university, were in line with government interests and didn't appear to be about scoring a profit.
"A hacker for profit is not going to hack a pro-democracy group," said acting US Attorney Michael Sherwin.
Those targets, including some bearing the "hallmark" of conventional espionage, point to the conclusion the hackers had at least an indirect connection with the government, Sherwin said.
In addition, one of the five defendants told a colleague he was very close to the Chinese Ministry of State Security and would be protected "unless something very big happens," and also agreed not to go after domestic targets in China, said Deputy Attorney General Jeffrey Rosen.
But some of the conduct was clearly profit driven, officials said.
Two of the Chinese defendants, for instance, were charged with breaking into video game companies and obtaining digital currency then sold for profit on the black market.
Rosen, the Justice Department's No. 2 official, criticised the Chinese government for what he said was a failure to disrupt hacking crimes and to hold hackers accountable.
"Ideally, I would be thanking Chinese law enforcement authorities for their co-operation in the matter and the five Chinese hackers would now be in custody awaiting trial," he said.
"Unfortunately, the record of recent years tells us that the Chinese Communist Party has a demonstrated history of choosing a different path ..."