US sanctions Chinese cyber firm linked to Flax Typhoon hackers


The U.S. government has sanctioned a Beijing-based cybersecurity firm for its ties to a Chinese government-backed hacking group it tracks as Flax Typhoon.

The Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions Friday against Integrity Technology Group for its role in “numerous computer intrusion incidents against American victims,” including U.S. critical infrastructure.

The sanctions come months after the U.S. government said Integrity Tech, also known as Yongxin Zhicheng, was running a botnet associated with the Flax Typhoon hacking group.

The FBI dismantled the botnet with court approval in September. According to a joint advisory issued by the FBI and the National Security Agency at the time, it was made up of more than 260,000 internet-connected devices, including cameras, storage devices and routers. The botnet had been controlled by Integrity Technology Group since 2021 to mask the activities of the Flax Typhoon hackers, the agencies said.

Flax Typhoon used infrastructure linked to Integrity Tech to compromise multiple U.S. and European entities in mid-2022 and late 2023, the Treasury said in a statement. While not naming the victims, the Treasury Department added that the Chinese-backed hacking group had compromised several servers and workstations at a California-based organization.

According to a separate press release issued by the U.S. State Department on Friday, Flax Typhoon successfully targeted many American universities, government agencies, communication service providers and media organizations.

The new sanctions, which designate Integrity Tech as an entity that engages in “harmful cyber-related activities,” come days after the Treasury Department confirmed a cyberattack in December that is believed to be the work of Chinese government-backed hackers. The hackers reportedly targeted OFAC, the Treasury's financial sanctions office. During the intrusion, hackers gained remote access to Treasury employees' systems and access to unclassified documents.

U.S. officials told The Washington Post that the intrusion may have given hackers access to data on Chinese entities that the U.S. government is considering for financial sanctions.

A Treasury spokesperson did not return TechCrunch's request for comment. In its statement on Friday, the Treasury Department said the targeting of the Treasury's own IT infrastructure is one of the most active and serious threats facing the national security of the United States.

Integrity Tech, which is traded on the Shanghai Stock Exchange, did not respond to TechCrunch's questions.


