Chinese authorities have repeatedly denied any involvement in the OPM attack. The Chinese government takes resolute strong measures against any kind of hacking attack, Chinas Foreign Ministry told Reuters in 2. We oppose baseless insinuations against China. Sakula was also used in the 2. Anthem data breach, which involved the potential theft of roughly 8. Independent investigators concluded with medium confidence earlier this year that the Anthem attack was likely carried out on behalf of a foreign government. Neither Anthem nor OPM is cited in connection with Yus arrest and Anthem does not appear to be based in any of the cities mentioned in the indictment. Yu was allegedly linked to use of the then rare Sakula malware through emails obtained by the FBI. Yus co conspirators are said to have breached a third company based in Los Angeles, however, in December 2. The attackers allegedly took advantage of a then unknown vulnerabilityor zero dayin Microsofts Internet Explorer, which allowed for remote code execution and injection of Sakula. Sakula is also a known tool of China based advanced persistent threat nicknamed Deep Panda, or APT 1. OPM and Anthem attacks. The two unnamed and unindicted co conspirators also allegedly attacked a fourth company based in Arizona. The FBI agents affidavit states that Yu provided one of the co conspirators the malicious software as early as April 2. The communications allegedly show that Yu also informed the second co conspirator of an exploit for Adobes Flash software. Whats more, FBI seized communications show that in November 2. Yu indicated that he had compromised the legitimate Korean Microsoft domain used to download software updates for Microsoft products, and further stated, allegedly, that the hacked site could be used to launch phishing attacks. According to CNN, Yu was arrested after entering the US on Wednesday to attend a conference. This story is developing and will be updated as more information becomes available.