The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating multiple cyber attacks against U.S. victims.
These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or RedJuliett), which was outed last year as operating an Internet of Things (IoT) botnet called Raptor Train.
The hacking crew has been active since at least mid-2021, targeting various entities across North America, Europe, Africa, and across Asia. Attacks mounted by Flax Typhoon have typically leveraged known vulnerabilities to gain initial access to victims’ computers and then used legitimate remote access software to maintain persistent access.
The Treasury Department described Chinese malicious cyber actors as one of the “most active and most persistent threats to U.S. national security,” repeatedly targeting U.S. government systems, including those associated with the federal agency.
“The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions,” said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith. “The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses.”
Integrity Group, also known as Yongxin Zhicheng, has been accused of providing infrastructure support to Flax Typhoon cyber campaigns between mid-2022 and late-2023, with the U.S. Department of State classifying it as a government contractor with ties to the People’s Republic of China (PRC) Ministry of State Security. It was established in September 2010.
“It provides services to country and municipal State Security and Public Security Bureaus, as well as other PRC cybersecurity government contractors,” the State Department noted.
“‘Flax Typhoon’ hackers have successfully targeted multiple U.S. and foreign corporations, universities, government agencies, telecommunications providers, and media organizations.”