Chinese cybersecurity firm hit by US sanctions over ties to Flax Typhoon hacking group

News
By
published

US Treasury says Flax Typhoon was using Integrity Technology Group's infrastructure for its attacks

China
Image credit: Shutterstock (Image credit: Shutterstock)
  • The US Treasury has sanctioned Integrity Technology Group
  • It claims the company was used in attacks on Western entities
  • Both Integrity and the Chinese government criticize the decision

A Chinese technology company allegedly tied to the notorious state-sponsored threat actor known as Flax Typhoon has been placed on the US blacklist.

In a press release, the US Department of Treasury said it issued sanctions against Integrity Technology Group, “for its role in multiple computer intrusion incidents against U.S. victims.”

Integrity Technology Group is also known as Yongxin Zhicheng Technology Group. It is described as a cybersecurity company based in Beijing, China, specializing in producing and selling cybersecurity products. That includes network shooting range platforms, security control and honeypot products, security tools, and security protection solutions.

"Smear campaign"

According to the Treasury Department, between the summer of 2022 and fall 2023, Flax Typhoon actors used Integrity Tech’s infrastructure during their computer network exploitation activities against “multiple victims”.

“During that time, Flax Typhoon routinely sent and received information from Integrity Tech infrastructure,” the press release notes.

The Chinese government has slammed the decision, calling it a smear campaign. Commenting on the news, Chinese Foreign Ministry spokesperson Guo Jiakun said the country has cracked down on cyber attacks and that Washington was using the issue to “defame and smear China,” AP reports.

“For some time now, the U.S. side has been playing up so-called Chinese cyber attacks and has even initiated illegal unilateral sanctions against China,” Guo said. “China firmly opposes this and will take necessary measures to safeguard its legitimate rights and interests.”

At the same time, Integrity Technology Group said the sanctions were not based on facts: “The company firmly opposes the U.S. Treasury Department’s unwarranted accusations and Illegal unilateral sanctions on the company,” the company said in a statement to the Shanghai Stock Exchange.

Flax Typhoon is known for conducting cyber espionage campaigns targeting critical infrastructure, government entities, and private organizations, primarily in the United States. The group employs stealthy tactics to maintain long-term access to networks, often exploiting vulnerabilities and using compromised credentials to avoid detection.

Via SiliconANGLE

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
An American flag flying outside the US Capitol building against a blue sky
Chinese cybersecurity firm sanctioned by US Treasury over alleged links to Salt Typhoon hackers
China
Chinese cybersecurity firm facing US sanctions over alleged ransomware attacks
China
Microsoft says Chinese Silk Typhoon hackers are targeting cloud and IT apps to steal business data
An American flag flying outside the US Capitol building against a blue sky
More alleged Chinese intrusions into the US Treasury revealed
China
US Treasury declares ‘major incident’ after apparent state-sponsored Chinese hack
China
Chinese hackers who targeted key US infrastructure charged by Justice Department
Latest in Security
Woman using iMessage on iPhone
UK government guidelines remove encryption advice following Apple backdoor spat
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
HTTPS in a browser address bar
Malicious "polymorphic" Chrome extensions can mimic other tools to trick victims
ransomware avast
Hackers spotted using unsecured webcam to launch cyberattack
Pirate skull cyber attack digital technology flag cyber on on computer CPU in background. Darknet and cybercrime banner cyberattack and espionage concept illustration.
Microsoft reveals over a million PCs hit by malvertising campaign
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Another huge new botnet is infecting thousands of webcams and video recorders for DDoS attacks
Latest in News
A masculine hand holding the Nvidia GeForce RTX 5070 Ti
Budget gamers rejoice as Nvidia RTX 5050 and RTX 5060 are rumored to launch in April
The Asus ROG Ally handheld gaming PC
AMD's new driver adds AFMF 2.1 support for improved frame generation - and it could be a game-changer for handheld gaming PCs
Victrola Stream Carbon turntable playing David Bowie, with the tonearm being operated
Victrola putting Bluetooth, UPnP and Roon in its Sonos-only turntables is the hi-fi equivalent of ‘I think we should see other people’
Android 16 logo on a phone
Android 16 beta users are reporting major battery drain issues – but I’m not too worried about it
Woman holding phone in field with Spotify app onscreen
The Spotify bug that shows ads to Premium subscribers has finally been fixed - for now at least
PC Gamer looking happy
AMD might go for Nvidia’s jugular in Q2 with a faster RX 9070 ‘Extreme’ GPU that could leave the RTX 5070 Ti in the dust
More about security
Wordpress brand logo on computer screen. Man typing on the keyboard.

Thousands of WordPress sites targeted with malicious plugin backdoor attacks
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol

Another huge new botnet is infecting thousands of webcams and video recorders for DDoS attacks
NordVPN running on a desktop, mobile devices, Apple TV, a router and a game console

NordVPN put under scrutiny the security of all apps – here are the results
See more latest
Most Popular
NordVPN running on a desktop, mobile devices, Apple TV, a router and a game console
NordVPN put under scrutiny the security of all apps – here are the results
The Asus ROG Ally handheld gaming PC
AMD's new driver adds AFMF 2.1 support for improved frame generation - and it could be a game-changer for handheld gaming PCs
Wordpress brand logo on computer screen. Man typing on the keyboard.
Thousands of WordPress sites targeted with malicious plugin backdoor attacks
A masculine hand holding the Nvidia GeForce RTX 5070 Ti
Budget gamers rejoice as Nvidia RTX 5050 and RTX 5060 are rumored to launch in April
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Another huge new botnet is infecting thousands of webcams and video recorders for DDoS attacks
Victrola Stream Carbon turntable playing David Bowie, with the tonearm being operated
Victrola putting Bluetooth, UPnP and Roon in its Sonos-only turntables is the hi-fi equivalent of ‘I think we should see other people’
XXX Nightshift promotional art.
Disco Elysium successor XXX Nightshift nets some serious musical talent
Quordle on a smartphone held in a hand
Quordle hints and answers for Saturday, March 8 (game #1139)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Saturday, March 8 (game #370)
A collage of Hugh Grant, Daredevil, and Meghan Markle
7 new movies and TV shows to stream on Netflix, Prime Video, Max, and more this weekend (March 7)