Treasury sanctions Salt Typhoon hacking group behind breach of major US telecom companies

The US government has announced sanctions against a Chinese organization linked to the hacking group responsible for Typhoon Salt. The largest telecom hack in US history.

Treasury Department of Foreign Assets Control (OFAC) announced on Friday That it sanctioned a China-based cybersecurity company known as Sichuan Juxinhe Network Technology, which it says is directly linked to the China-backed Salt Typhoon hacking group.

After hacking at least nine US telecom and internet providers, including AT&T and Verizon, to gain access to the private communications of senior US government officials and political figures, Salt Typhoon was recently dubbed the largest telecommunications hack in US history.

Hackers also hacked systems that law enforcement agencies use for court-authorized collection of consumer data, potentially accessing sensitive data such as the identification of Chinese targets of US surveillance.

In its press release on Friday, OFAC said Sichuan Juxinhe was “directly involved in the exploitation of these US telecommunications and Internet service provider companies.”

Treasury Hackers Approved

OFAC also announced sanctions against cyber actor Yin Kecheng in Shanghai, which US officials claim was responsible. The latest massive hack of the US Treasury.

The hack, which occurred in late December, saw hackers at BeyondTrust — a cybersecurity company that provides identity access tech to large organizations and government departments — use private keys to gain remote access to certain Treasury employee workstations.

Cyber ​​attacks allowed hackers to – Another Chinese state-backed group called Silk Typhoon – US to target various departments within the Treasury, including its sanctions office.

According to OFAC, Yin Kecheng has been a cyber actor for more than a decade and is associated with China’s Ministry of State Security, an intelligence and security agency responsible for the country’s foreign intelligence collection.

US Treasury official Adewale O. Adeyemo said in a statement Friday: “The Treasury Department will continue to use its authorities to apprehend responsible malicious cyber actors who target the American people, our companies, and the United States government. Especially the Treasury Department.”

Earlier this month, The The US government has approved another cyber security company based in China over its alleged links to a government-backed hacking group known as FlexTyphoon. The company, Integrity Technology Group, “has been involved in multiple computer intrusion incidents against US victims,” ​​including US critical infrastructure, Treasury said.