U.S. sanctions Beijing-based firm for aiding China-backed hacking group Flax Typhoon, targeting U.S. infrastructure and critical organizations

Continue reading
The U.S. Treasury Department has imposed sanctions on Beijing-based Integrity Technology Group, accusing the firm of supporting the China-backed hacking group Flax Typhoon. Announced Friday by the Office of Foreign Assets Control (OFAC), the sanctions highlight Integrity Tech’s alleged involvement in _“multiple computer intrusion incidents”_ targeting U.S. critical infrastructure and other organizations.
Integrity Tech is accused of operating a massive botnet comprising over 260,000 internet-connected devices, including cameras, routers, and storage systems, to conceal Flax Typhoon's cyber activities. This botnet, active since 2021, was dismantled by the FBI in September through a court-authorized operation.
Between 2022 and 2023, the hacking group reportedly exploited Integrity Tech's infrastructure to target U.S. universities, government agencies, telecommunications providers, and media organizations. The Treasury disclosed that a California-based entity was among the compromised victims, though specific names were withheld.
In December, Chinese hackers targeted the Treasury Department's sanctions office, gaining remote access to employees and unclassified documents. U.S. officials suspect this breach may have exposed information about potential future sanctions targets, underlining the escalating cyber threat posed by state-backed actors.
The sanctions block Integrity Tech’s access to U.S.-based assets and prohibit transactions involving U.S. entities. These measures aim to disrupt its operations and deter future cyberattacks. The Treasury described Chinese cyber actors as a persistent national security threat and emphasized the need for robust defenses.
The move against Integrity Tech is part of broader efforts to counteract China’s aggressive cyber activities. The sanctions serve as both a deterrent and a warning, underscoring the critical need for international collaboration in addressing state-sponsored cyber threats. While the dismantling of the botnet marks a significant achievement, the adaptability of groups like Flax Typhoon continues to challenge global cybersecurity efforts.
The U.S. has taken a firm stance, signaling its commitment to safeguarding critical infrastructure and maintaining cybersecurity integrity.
Polymarket's hack losses climb to $3.1M across 11 wallets as the platform faces a federal probe into deceptive marketing, even after pledging full refunds.