Full Report
Prosecutors say front companies, falsified paperwork, and overseas drop points used to dodge US export rules Four people have been charged in the US with plotting to funnel restricted Nvidia AI chips into China, allegedly relying on shell firms, fake invoices, and covert routing to slip cutting-edge GPUs past American export controls.…
Analysis Summary
# Threat Actor: Unidentified Network (Individuals Charged)
## Attribution & Identity
The actors consist of four individuals charged by US prosecutors: Hon Ning "Mathew" Ho (Tampa), Brian Curtis Raymond (Huntsville, Alabama), Cham "Tony" Li (San Leandro, California), and Jing "Harry" Chen (Tampa). They are described as US citizens and Chinese nationals involved in a conspiracy. Their operation appears to center around the Tampa-based front company, Janford Realtor LLC, owned by Ho and Li.
## Activity Summary
The charged quartet allegedly conspired between September 2023 and November 2025 to unlawfully export restricted Nvidia AI chips to the People's Republic of China (PRC). The operation involved channeling hardware through intermediate points in Malaysia and Thailand to circumvent US export controls established in October 2022. They successfully completed four export attempts, moving approximately 400 Nvidia A100 GPUs into the PRC between October 2024 and January 2025. Two subsequent attempts were disrupted by law enforcement, including one involving HPE supercomputers containing H100 accelerators and a separate shipment of 50 H200 GPUs.
## Tactics, Techniques & Procedures
- **Use of Front Companies:** Employing Janford Realtor LLC, disguised as a real estate entity, to procure and ship controlled silicon.
- **Paperwork/Document Fraud:** Falsifying paperwork and creating fake contracts to mislead US authorities regarding the chips' intended destination.
- **Covert Routing/Smuggling:** Utilizing overseas drop points in Malaysia and Thailand to route restricted hardware into China.
- **Financial Deception:** Receiving over $3.89 million in wire transfers from China to finance the scheme without applying for required export licenses.
- MITRE ATT&CK IDs are not explicitly mentioned in the source material, as this case focuses on export control evasion rather than typical cyber intrusion activity.
## Targeting
- **Sectors:** Technology (specifically R&D/Acquisition of high-end computing hardware). The ultimate intended recipient is described as contributing to China's military modernization, weapons development, and large-scale surveillance systems.
- **Geography:** Originating/Coordination points in the US (Tampa, Huntsville, San Leandro); Intermediate transfer points in Malaysia and Thailand; Final destination China (PRC).
- **Victims:** US Government (regulators and export control authorities). The direct victims are Nvidia (via theft of controlled technology) and the integrity of US export controls.
## Tools & Infrastructure
- **Tools:** Nvidia A100, H100, and H200 GPUs (restricted technology).
- **Infrastructure:** Janford Realtor LLC (Front company); Electronics business owned by Raymond (Supplier); Overseas drop points (Malaysia, Thailand).
- **URLs/IPs:** None provided or relevant for defanging.
## Implications
This case highlights the persistence of sophisticated, high-value black-market pipelines dedicated to acquiring critical US dual-use AI technology. The involvement of US citizens charged alongside foreign nationals illustrates a coordinated effort to exploit legal loopholes and logistical chokepoints to fuel the military and technological advancement goals of a foreign adversary (China). It suggests that existing export controls remain challenging to enforce proactively against well-funded, deceptive commercial entities.
## Mitigations
- Enhanced due diligence on procurement activities of companies operating in high-risk sectors, especially those with non-descriptive names (e.g., "Realtor LLC" dealing in electronics).
- Increased scrutiny of export license applications and end-user verification, particularly for high-performance computing components like advanced GPUs.
- Monitoring high-volume wire transfers originating from known high-risk jurisdictions financing seemingly unrelated or unusually structured businesses.
- Strengthening supply chain tracking for controlled items through international transshipment hubs (e.g., Southeast Asian nations often used as transit points).