The U.S. authorities has sanctioned a Beijing-based cybersecurity firm over its alleged hyperlinks to a China government-backed hacking group, tracked as Flax Typhoon.
The Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday introduced the sanctions towards the Integrity Technology Group for its position in “a number of laptop intrusion incidents towards U.S. victims,” together with U.S. important infrastructure.
The sanctions land months after the U.S. authorities accused Integrity Technology, often known as Yongxin Zhicheng, of working a botnet related to the Flax Typhoon hacking group.
The botnet, which was dismantled by the FBI in a court-authorized operation in September, was made up of greater than 260,000 internet-connected gadgets, together with cameras, storage gadgets, and routers, based on a joint advisory printed by the FBI and the National Security Agency on the time. The companies stated the botnet had been operated and managed by the Integrity Technology Group since 2021 to hide the actions of the Flax Typhoon hackers.
The Treasury stated in its assertion that Flax Typhoon used infrastructure linked to Integrity Tech to compromise a number of U.S. and European organizations between mid-2022 and late-2023. The hacking victims weren’t named, however the Treasury added that the China-backed hacking group compromised “a number of servers and workstations at a California-based entity.”
According to a separate press launch printed by the U.S. Department of State on Friday, Flax Typhoon efficiently focused a number of U.S. universities, authorities companies, telecommunications suppliers, and media organizations.
The new sanctions, which designate Integrity Tech as a corporation concerned in “malicious cyber-enabled actions,” come simply days after the Treasury confirmed it was topic to a cyberattack in December that it attributed to China government-backed hackers. The hackers reportedly focused the Treasury’s sanctions workplace, OFAC, throughout the intrusion, which gave the hackers distant entry to Treasury workers and entry to unclassified paperwork.
U.S. officers instructed The Washington Post that the intrusion could have given the hackers entry to details about Chinese organizations that the U.S. authorities could also be contemplating designating for monetary sanctions.
A spokesperson for the Treasury didn’t return TechCrunch’s request for remark. In its assertion Friday, the Treasury referred to as Chinese malicious actors “some of the lively and most persistent threats” dealing with U.S. nationwide safety, referencing the focusing on of the Treasury’s personal IT infrastructure.
Integrity Tech, which is traded on the Shanghai Stock Exchange, didn’t reply to TechCrunch’s questions.
