FBI Nukes 13 CHINESE Spy Sites!

FBI website shown through magnifying glass.

Chinese intelligence agents built 13 fake consulting websites to trick U.S. government workers into selling secrets — and the Federal Bureau of Investigation (FBI) just shut them all down.

Story Snapshot

The FBI seized 13 fake consulting websites allegedly run by suspected Chinese agents targeting U.S. security clearance holders.
The scheme used stolen identities, AI-generated photos, and cryptocurrency to hide who was really running the operation.
The sites offered money to current and former government and military employees in exchange for sensitive information.
The Five Eyes intelligence alliance warned about nearly identical Chinese recruitment tactics just weeks before the seizure.

Fake Consulting Firms Built to Hunt Security Clearance Holders

Starting in November 2023, conspirators built at least 13 websites designed to look like real consulting companies. ^[1] The goal was simple and dangerous: find current or former U.S. government and military workers who held security clearances, offer them money, and get them to hand over sensitive information. ^[2] The Justice Department said the sites were backed by suspected Chinese agents. ^[5] This was not a clumsy phishing scam. It was a patient, well-funded operation built to look completely legitimate.

The people behind the sites did not use their real names. They used fake identities, stole real people’s personal information, and created profile photos with artificial intelligence to make the fake consultants look real. ^[1] They also paid recruits using cryptocurrency to hide where the money came from. ^[1] That level of tradecraft points to a professional intelligence operation, not a random criminal crew. The Justice Department’s own press release called the fake domains a window into “the lengths the Chinese government’s intelligence services will go to.” ^[5]

Why Security Clearance Holders Are the Prime Target

People with security clearances know things. They have access to classified programs, military capabilities, government strategies, and intelligence sources. Recruiting even one person with the right clearance can be worth more to a foreign spy service than years of traditional hacking. China’s intelligence services understand this well. Past cases prove the point. Kevin Mallory, a former Central Intelligence Agency officer, was convicted in 2019 of selling classified documents to Chinese agents who first contacted him through a professional networking site. ^[2] The fake consulting website model is that same playbook, scaled up and automated.

The Five Eyes alliance — the intelligence partnership between the United States, United Kingdom, Canada, Australia, and New Zealand — issued a warning earlier this month that Chinese military intelligence was actively running similar recruitment efforts. ^[1] That warning and this seizure landing in the same news cycle is not a coincidence. It reflects a coordinated effort to put the public on notice before more people get caught in the trap.

What the Seizure Proves and What It Does Not

The FBI taking down 13 domains is a real enforcement action. It shows investigators had enough evidence to get a judge to sign off on the seizures. ^[1] But a domain seizure is not a criminal conviction. It reflects probable cause, not a final verdict. The Justice Department has not publicly named the specific Chinese intelligence officers who ran the operation. ^[2] No defendants have been charged by name in the materials released so far. That gap matters. It means the public attribution rests on “suspected Chinese agents” rather than identified individuals with proven command responsibility.

FBI Seizes Fake Domains in Devastating New Blow to Chinese Intel Operationshttps://t.co/x0B5BByGVc

— RedState (@RedState) June 11, 2026

That said, the weakness in public disclosure is not the same as weakness in the underlying case. Counterintelligence investigations routinely keep the strongest evidence sealed to protect sources and methods. ^[4] The pattern of tradecraft described — stolen identities, AI photos, crypto payments, job postings aimed at clearance holders — matches known Chinese intelligence recruitment methods documented across multiple prior cases. ^[2] The government’s account is detailed, specific, and consistent with a well-established operational pattern. Skepticism about what has not yet been made public is fair. Dismissing the threat because the full file is not open-source would be a serious mistake.

The Broader Warning Hidden Inside This Story

This operation targeted people who already left government service. That detail matters. Former clearance holders often still carry sensitive knowledge. They may still have contacts inside agencies. And they are no longer surrounded by the security culture and reporting requirements that active employees face every day. They are, in short, more vulnerable. A well-crafted job offer from a convincing fake firm can look like a career opportunity, not a spy trap. Anyone who has ever held a clearance and gets an unsolicited consulting offer should treat it with serious suspicion, verify the firm independently, and report it to the FBI. That is not paranoia. That is exactly what this case demands.