The U.S. government has sanctioned a Beijing-based cybersecurity company over its alleged links to a China government-backed hacking group, tracked as Flax Typhoon.
The Treasury Department’s Office of Foreign Assets Control (OFAC) on Friday announced the sanctions against the Integrity Technology Group for its role in “multiple computer intrusion incidents against U.S. victims,” including U.S. critical infrastructure.
The sanctions land months after the U.S. government accused Integrity Technology, also known as Yongxin Zhicheng, of running a botnet associated with the Flax Typhoon hacking group.
The botnet, which was dismantled by the FBI in a court-authorized operation in September, was made up of more than 260,000 internet-connected devices, including cameras, storage devices, and routers, according to a joint advisory published by the FBI and the National Security Agency at the time. The agencies said the botnet had been operated and controlled by the Integrity Technology Group since 2021 to conceal the activities of the Flax Typhoon hackers.
The Treasury said in its statement that Flax Typhoon used infrastructure linked to Integrity Tech to compromise multiple U.S. and European organizations between mid-2022 and late-2023. The hacking victims weren’t named, but the Treasury added that the China-backed hacking group compromised “multiple servers and workstations at a California-based entity.”
According to a separate press release published by the U.S. Department of State on Friday, Flax Typhoon successfully targeted multiple U.S. universities, government agencies, telecommunications providers, and media organizations.
The new sanctions, which designate Integrity Tech as an organization involved in “malicious cyber-enabled activities,” come just days after the Treasury confirmed it was subject to a cyberattack in December that it attributed to China government-backed hackers. The hackers reportedly targeted the Treasury’s sanctions office, OFAC, during the intrusion, which gave the hackers remote access to Treasury staff and access to unclassified documents.
U.S. officials told The Washington Post that the intrusion may have given the hackers access to information about Chinese organizations that the U.S. government may be considering designating for financial sanctions.
A spokesperson for the Treasury didn’t return TechCrunch’s request for comment. In its statement Friday, the Treasury called Chinese malicious actors “one of the most active and most persistent threats” facing U.S. national security, referencing the targeting of the Treasury’s own IT infrastructure.
Integrity Tech, which is traded on the Shanghai Stock Exchange, didn’t respond to TechCrunch’s questions.