The U.S. Treasury Division’s Workplace of Overseas Belongings Management (OFAC) on Friday issued sanctions in opposition to a Beijing-based cybersecurity firm often known as Integrity Know-how Group, Included for orchestrating a number of cyber assaults in opposition to U.S. victims.
These assaults have been publicly attributed to a Chinese language state-sponsored risk actor tracked as Flax Storm (aka Ethereal Panda or RedJuliett), which was outed final 12 months as working an Web of Issues (IoT) botnet known as Raptor Practice.
The hacking crew has been energetic since not less than mid-2021, concentrating on numerous entities throughout North America, Europe, Africa, and throughout Asia. Attacks mounted by Flax Storm have sometimes leveraged recognized vulnerabilities to achieve preliminary entry to victims’ computer systems after which make use of authentic distant entry software program to take care of persistent entry.
The Treasury Division described Chinese language malicious cyber actors as one of many “most energetic and most persistent threats to U.S. nationwide security,” repeatedly concentrating on U.S. authorities techniques, together with these related to the federal company.
“The Treasury Division is not going to hesitate to carry malicious cyber actors and their enablers accountable for his or her actions,” mentioned Performing Beneath Secretary of the Treasury for Terrorism and Monetary Intelligence Bradley T. Smith. “The US will use all obtainable instruments to disrupt these threats as we proceed working collaboratively to harden private and non-private sector cyber defenses.”
Integrity Group, often known as Yongxin Zhicheng, has been accused of offering infrastructure assist to Flax Storm cyber campaigns between mid-2022 and late-2023, with the U.S. Division of State classifying it as a authorities contractor with ties to the Individuals’s Republic of China (PRC) Ministry of State Safety. It was established in September 2010.
“It offers providers to nation and municipal State Safety and Public Safety Bureaus, in addition to different PRC cybersecurity authorities contractors,” the State Division famous.
“‘Flax Storm’ hackers have efficiently focused a number of U.S. and international firms, universities, authorities businesses, telecommunications suppliers, and media organizations.”
