The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday issued sanctions against a Beijing-based cybersecurity company known as Integrity Technology Group, Incorporated for orchestrating several cyber attacks against U.S. victims.
These attacks have been publicly attributed to a Chinese state-sponsored threat actor tracked as Flax Typhoon (aka Ethereal Panda or RedJuliett), which was outed last year as operating an Internet of Things (IoT) botnet called Raptor Train.
The hacking crew has been active since at least mid-2021, targeting various entities across North America, Europe, Africa, and across Asia. Attacks mounted by Flax Typhoon have typically leveraged known vulnerabilities to gain initial access to victims’ computers and then make use of legitimate remote access software to maintain persistent access.
Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
The Treasury Department described Chinese malicious cyber actors as one of the “most active and most persistent threats to U.S. national security,” repeatedly targeting U.S. government systems, including those associated with the federal agency.
“The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions,” said Acting Under Secretary of the Treasury for Terrorism and Financial Intelligence Bradley T. Smith. “The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses.”
Integrity Group, also known as Yongxin Zhicheng, has been accused of providing infrastructure support to Flax Typhoon cyber campaigns between mid-2022 and late-2023, with the U.S. Department of State classifying it as a government contractor with ties to the People’s Republic of China (PRC) Ministry of State Security. It was established in September 2010.
“It provides services to country and municipal State Security and Public Security Bureaus, as well as other PRC cybersecurity government contractors,” the State Department noted.
“‘Flax Typhoon’ hackers have successfully targeted multiple U.S. and foreign corporations, universities, government agencies, telecommunications providers, and media organizations.”
Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Some parts of this article are sourced from:
thehackernews.com
AI in Cybersecurity: Learn What Works and What Doesn't (Webinar Inside)Dec 30, 2024Online Security / WebinarJoin our webinar, "AI in Cybersecurity: Separating Hype from Impact," to uncover insights from 200 leaders on optimizing AI for security operations and vulnerability management. Register now!