U.S. sanctions take aim at Chinese company said to aid hackers’ massive botnet – Tim Starks
– [[{“value”:”
The U.S. government on Friday sanctioned a Chinese company that Western nations had connected to a Beijing-sponsored hacking group’s botnet, which had compromised hundreds of thousands of devices before a joint takedown operation last year.
Flax Typhoon hackers made use of infrastructure at Integrity Technology Group to exploit victims, according to the Treasury Department’s Office of Foreign Assets Control. The firm builds cyber ranges to test cybersecurity tools and defenses and is reportedly one of the leading companies to do so in China.
“Between summer 2022 and fall 2023, Flax Typhoon actors used infrastructure tied to Integrity Tech during their computer network exploitation activities against multiple victims,” Treasury’s Friday announcement reads. “During that time, Flax Typhoon routinely sent and received information from Integrity Tech infrastructure.”
The Flax Typhoon hackers targeted Internet of Things devices, such as cameras and video recorders, FBI Director Christopher Wray said in September when announcing the takedown operation.
It’s the second time this week that the department has taken aim at Chinese hackers. Treasury notified Congress that they had hit its workstations. Friday’s sanctions are designed to constrain the company’s ability to do business in the United States, and to limit U.S. business dealings with the firm.
Beyond the takedown operation and sanctions, Western government agencies also issued an advisory on Flax Typhoon last year.
“These multi-agency efforts reflect our whole-of-government approach to protecting and defending against PRC cyber threats to Americans, our critical systems, and those of our allies and partners,” Matthew Miller, State Department spokesman, said Friday. “The United States will continue to use all the tools at its disposal to safeguard U.S. critical infrastructure and the American people from irresponsible and reckless cyber actors.”
Although Integrity Technology Group presents itself as an information security company, Wray said that its “chairman has publicly admitted that for years his company has collected intelligence and performed reconnaissance for Chinese government security agencies.”
“The Treasury Department will not hesitate to hold malicious cyber actors and their enablers accountable for their actions,” said Bradley T. Smith, acting under secretary of the Treasury for terrorism and financial intelligence. “The United States will use all available tools to disrupt these threats as we continue working collaboratively to harden public and private sector cyber defenses.”
The post U.S. sanctions take aim at Chinese company said to aid hackers’ massive botnet appeared first on CyberScoop.
“}]] – Read More – CyberScoop
