Landing page banner

On 5 November 2025, three Chinese nationals, Yan Peijian (“Yan”), 39, Huang Qinzheng (“Huang”), 37, and Liu Yuqi (“Liu”), 33, were convicted and sentenced to imprisonment for their roles in a global cybercrime syndicate that conducted illegal cyber activities.

The three men were convicted of the following offences: 

1. One count of being a member of a locally-linked organised criminal group, punishable under Section 5(1) of the Organised Crime Act 2015 (OCA);
   
   
2. One count of acquiring property which were benefits from criminal conduct, punishable under Sec 54(5) of the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992 (CDSA);
   
   
3. One count of retaining computer programmes that were capable of being used for the purpose of committing an offence under Sections 3, 4, 5, 6 or 7 of the Computer Misuse Act 1993 (CMA), and intending to use them to facilitate the commission of an offence under Sections 3, 4, 5, 6 or 7 of the CMA, punishable under Section 10(3)(a) of the CMA; and 
   
   
4. One count of false declaration of employment, punishable under Section 22(1)(i) of the Employment of Foreign Manpower Act 1990 (EFMA). 

The three men were sentenced as follows:

1. Yan was convicted and sentenced to 28 months and one week’s imprisonment. 
   
   
2. Huang was convicted and sentenced to 28 months and one week’s imprisonment.
   
   
3. Liu was convicted and sentenced to 28 months and four weeks’ imprisonment.

An additional charge under the CMA was taken into consideration for sentencing, for each of the three men.

Details of the case 

The three accused persons were among six individuals arrested on 9 September 2024 during a large scale, island-wide operation conducted by the Police and the Internal Security Department¹. Investigations found that they were either directly involved in or played a supporting role in hacking into overseas gambling websites and companies for the purposes of cheating during gameplay and stealing databases of personally identifiable information for trade.

Specifically, the three accused persons were tasked by the syndicate’s group leader to probe sites of interest for system vulnerabilities, conduct penetration attacks, and exfiltrate personal information from the compromised systems. Further investigations revealed that the syndicate possessed foreign government data, including confidential communications. All three accused persons were found in possession of sophisticated hacking tools and malware, including PlugX-related malware and tools². The scale of their operations was extensive, with the accused persons collectively possessing hundreds of different Remote Access Trojans and multiple virtual machines for conducting cyber-attacks.

The Police have seized cash, bank accounts, vehicles, cryptocurrencies and bottles of liquor with a total estimated value of more than S$22 million and issued prohibition of disposal orders for four properties worth over S$30 million, in relation to the case.

Court proceedings for the remaining two accused persons are ongoing. The syndicate leader is currently at large, outside Singapore. 

Deputy Commissioner of Police (Investigation and Intelligence), concurrent Director of the Criminal Investigations Department, Mr. Zhang Weihan, said: “Those who think they can exploit the anonymity of the Internet to commit crimes in Singapore should think twice. The Police will not tolerate the use of Singapore as a base for cybercriminal activities. We will spare no efforts to take cybercriminals to task and deal with them to the fullest extent of the law.”

¹ Police News Release dated 10 September 2024: https://www.police.gov.sg/media-hub/news/2024/20240910_six_persons_to_be_charged_for_offences_in_relation_to_illegal_cyber_activities 

² PlugX is a sophisticated Remote Access Trojan associated with known Advanced Persistent Threat (APT) groups typically linked to state-sponsored hackers.