Chinese Pair Arrested for Illegally Exporting AI Chips

Information Security Media Group provides a weekly overview of significant cybersecurity incidents globally. This week, notable events include the arrest of a Chinese pair in Los Angeles for unauthorized AI chip exports, the extradition of a Nigerian hacker from France, and a data breach at a Florida prison.

See Also: On Demand | Global Incident Response Report 2025

U.S. federal prosecutors have announced the arrest of two Chinese nationals in Los Angeles for allegedly selling advanced artificial intelligence chips manufactured by Nvidia to clientele in China. Chuan Geng and Shiwei Yang, both 28, reportedly executed over 20 shipments between October 2022 and July 2025. These shipments were allegedly routed through Singapore and Malaysia, acting as intermediaries to facilitate the transfer to China.

The December 2024 shipment included 12 GPUs valued over $110,000, managed by their El Monte-based firm, ALX Solutions. Geng voluntarily surrendered to law enforcement, while Yang was apprehended. Geng has since been released on a $250,000 bond, while Yang remains in custody due to visa violations.

According to the legal complaint, the duo was involved in exporting Nvidia’s H100 and PNY GE Force RTX 4090 chips, both of which are subject to strict control due to concerns about their potential application in adverse ways against U.S. national security. Payments from companies in Hong Kong and China for the chips indicate a diversion from their purported legitimate sales channels.

The H100 chip contains 80 billion transistors, providing significant computational power, six times that of its predecessor. An Nvidia representative stated that unauthorized sales receive no service or support, emphasizing the illicit nature of such operations.

In a separate incident, Nigerian national Chukwuemeka Victor Amachukwu appeared in a New York federal court, facing charges related to a protracted hacking and fraud scheme directed at tax businesses. Extradited from France, he is implicated in significant computer intrusion and identity theft operations initiated in 2019. Allegations include phishing attacks on tax preparation firms across various states, leveraging malware to steal customer data, and submitting fraudulent tax returns totaling $2.5 million in claims.

Ukrainian military intelligence has reportedly infiltrated governmental servers in Russian-occupied Crimea, revealing thousands of documents detailing the forced deportation of Ukrainian children. These files contain personal records of unaccompanied minors, along with documents designating Russian citizens as guardians and information on relocation sites.

The intelligence agency has communicated this data to law enforcement, which will utilize it to assist ongoing investigations and actions aimed at the recovery of abducted children. Since the onset of the conflict in February 2022, Ukraine claims nearly 20,000 children have been taken to Russia or territories under Russian control.

A data breach occurred at Everglades Correctional Institution in Florida, where a staff member inadvertently sent personal contact details of visitors to inmates. This incident compromised names, phone numbers, and email addresses, all accessible via secure devices utilized by inmates.

Family members have raised serious concerns regarding the potential misuse of this information. One visitor expressed her fears that her details could be exploited for extortion, while another, with a history of stalking, was particularly alarmed after her efforts to maintain privacy were upended.

A male-targeted clone of the popular Tea dating app has come under scrutiny for leaking sensitive user information, including IDs, selfies, and email addresses, due to a security vulnerability. The app, which emulates the original’s design that emphasizes women’s safety, has attracted considerable user engagement but has faced criticism due to this breach.

Security researchers indicated that a misconfigured database was the source of the exposure, allowing real-time access to critical user data. Concurrently, an admin’s login credentials were found unsecured on the server, indicating potential avenues for further exploitation. The original Tea application also recently suffered a breach, further complicating trust in these platforms.

Reflection on the Week’s Cyber Incidents

Reporting contributed by Gregory Sirico from Information Security Media Group.