U.S. Sanctions Chinese Cybersecurity Firm for State-Backed Hacking Campaigns

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Integrity Technology Group, Incorporated, a Beijing-based cybersecurity firm, for orchestrating several cyber attacks against victims in the U.S.

These attacks have been publicly linked to a Chinese state-sponsored threat actor known as Flax Typhoon (also known as Ethereal Panda or RedJuliett), which was accused last year of operating an Internet of Things (IoT) botnet called Raptor Train.

The hacking team has been actively targeting various organizations across North America, Europe, Africa, and Asia since at least mid-2021.

Attacks by Flax Typhoon typically exploit known vulnerabilities to gain initial access to victims’ computers and then use legitimate remote access software to maintain persistent access.

Integrity Group, also known as Yongxin Zhicheng, has been accused of providing infrastructure support to Flax Typhoon’s cyber campaigns between mid-2022 and late-2023, and was classified by the U.S. Department of State as a government contractor with ties to the People’s Republic of China (PRC) Ministry of State Security. The company was established in September 2010.

US sanctions 5 individuals and 4 organizations over Russia