On Friday, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyberattacks against U.S.-based victims.
These attacks were publicly attributed to the Chinese state threat actor being tracked Linen typhoon (aka Ethereal Panda or Red Juliet), which was published last year under the name Internet of Things (IoT) botnets. Raptor train.
The hacking team has been active since at least mid-2021, targeting various organizations in North America, Europe, Africa and Asia. Attacks carried out by Flax Typhoon typically use known vulnerabilities to gain initial access to victims’ computers and then use legitimate remote access software to maintain continued access.
The Treasury Department has called Chinese hackers one of the “most active and persistent threats to U.S. national security,” having repeatedly targeted U.S. government systems, including those associated with a federal agency.
“The Ministry of Finance will not hesitate to prosecute the perpetrators and those who facilitate them,” said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith. “The United States will use all available tools to thwart these threats as we continue to work together to strengthen the cyber defenses of the public and private sectors.”
Integrity Groupalso known as Yongxin Zhicheng, was accused of providing infrastructure support to Flax Typhoon cyber campaigns between mid-2022 and late 2023, with the US State Department classifying him as a government contractor with ties to the People’s Republic of China (PRC). ) Ministry of State Security. It was created in September 2010.
“It provides services to state and municipal government security and public safety agencies, as well as other government contractors for cybersecurity in the PRC,” the State Department said. noted.
“Flax Typhoon hackers have successfully attacked several US and foreign corporations, universities, government agencies, telecommunications providers and media organizations.”
