The U.S. Treasury Division’s Workplace of Overseas Property Management (OFAC) on Friday issued sanctions in opposition to a Beijing-based cybersecurity firm often called Integrity Know-how Group, Included for orchestrating a number of cyber assaults in opposition to U.S. victims.
These assaults have been publicly attributed to a Chinese language state-sponsored menace actor tracked as Flax Hurricane (aka Ethereal Panda or RedJuliett), which was outed final yr as working an Web of Issues (IoT) botnet referred to as Raptor Prepare.
The hacking crew has been lively since at the very least mid-2021, focusing on numerous entities throughout North America, Europe, Africa, and throughout Asia. Assaults mounted by Flax Hurricane have usually leveraged recognized vulnerabilities to achieve preliminary entry to victims’ computer systems after which make use of professional distant entry software program to take care of persistent entry.
The Treasury Division described Chinese language malicious cyber actors as one of many “most lively and most persistent threats to U.S. nationwide safety,” repeatedly focusing on U.S. authorities techniques, together with these related to the federal company.
“The Treasury Division won’t hesitate to carry malicious cyber actors and their enablers accountable for his or her actions,” stated Performing Below Secretary of the Treasury for Terrorism and Monetary Intelligence Bradley T. Smith. “The USA will use all out there instruments to disrupt these threats as we proceed working collaboratively to harden private and non-private sector cyber defenses.”
Integrity Group, often known as Yongxin Zhicheng, has been accused of offering infrastructure assist to Flax Hurricane cyber campaigns between mid-2022 and late-2023, with the U.S. Division of State classifying it as a authorities contractor with ties to the Individuals’s Republic of China (PRC) Ministry of State Safety. It was established in September 2010.
“It supplies providers to nation and municipal State Safety and Public Safety Bureaus, in addition to different PRC cybersecurity authorities contractors,” the State Division famous.
“‘Flax Hurricane’ hackers have efficiently focused a number of U.S. and overseas firms, universities, authorities businesses, telecommunications suppliers, and media organizations.”