Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
The US government has sanctioned a Beijing-based cyber security company for its links to Chinese government-backed hacking groups such as Flax Typhoon.
The Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced the sanctions Against Integrity Technology Group for its role in “multiple computer intrusion incidents against US victims,” including US critical infrastructure.
The sanctions came months after the US government indicted Integrity Technology. Also known as Yongxin ZhichengManaging a botnet associated with the Flax Typhoon hacker group.
A botnet that It was taken down by the FBI in a court-authorized operation in SeptemberIt consisted of more than 260,000 Internet-connected devices, including cameras, storage devices and routers, according to a joint advisory released by the FBI and the National Security Agency at the time. The agencies said the botnet was operated and controlled by the Integrity Technology Group since 2021 to hide the activities of the Flax Typhoon hackers.
Flax Typhoon used infrastructure related to Integrity Tech to compromise multiple US and European organizations between mid-2022 and late 2023, the Treasury said in a statement. The victims of the hack were not named, but the Treasury added that a Chinese-backed hacking group breached “multiple servers and workstations at a facility located in California.”
A separate press release issued by the US State Department on Friday said. Ketan Typhoon was successfully targeted many US universities, government agencies, telecommunications providers and media organizations.
The new sanctions, which designate Integrity Tech as an organization involved in “malicious cyber-active activities,” come days after Treasury. confirmed that it had been hacked in December It is attributed to hackers supported by the Chinese government. According to information, hackers It targeted the Treasury’s sanctions office, OFACduring the intrusion gave hackers remote access to Treasury employees and access to unclassified documents.
This was reported by US officials The Washington Post that the hack may have given hackers access to information about Chinese entities the US government is considering imposing financial sanctions on.
A Treasury spokesperson did not respond to TechCrunch’s request for comment. In a statement Friday, the Treasury called China’s malicious actors “one of the most active and persistent threats” facing U.S. national security, citing the targeting of the Treasury’s own IT infrastructure.
Integrity Tech, which is traded on the Shanghai Stock Exchange, did not respond to questions from TechCrunch.
