Chinese cybersecurity firm sanctioned by US Treasury over alleged links to Salt Typhoon hackers

News
By published

'Major incident’ saw 9 US telco networks compromised

An American flag flying outside the US Capitol building against a blue sky
(Image credit: Getty Images)
  • A Chinese cybersecurity firm has been sanctioned by the US Treasury
  • The firm allegedly has ties to hacking group Salt Typhoon
  • Salt Typhoon is accused of carrying out a cyberattack on 9 telco giants

A Chinese cybersecurity firm has been sanctioned by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) for alleged links to the notorious hacking group Salt Typhoon.

Salt Typhoon is perhaps best known as the group who infiltrated the networks of nine major US telecommunications companies and internet providers, including Verizon and AT&T in the largest telecoms hack in US history.

“Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe) had direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies. The MSS (China Ministry of State Security) has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe,” the Treasury said in a statement.

A major incursion

The Salt Typhoon hack saw state-sponsored actors targeting high-level government communications through a breach of third-party tech support platform BeyondTrust. Hackers were reportedly lurking inside telecom networks for months before being eradicated.

“The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically,” said Deputy Secretary of the Treasury Adewale O. Adeyemo.

Following the hack, the US Treasury was again hit by a further cyberattack which targeted the Committee on Foreign Investment in the US (CFIUS), which is the department in charge of reviewing foreign investments for national security risks.

In January 2025, the Treasury similarly sanctioned a Chinese cybersecurity firm Yongxin Zhicheng Technology Group for alleged ties to Flax Typhoon, the group responsible for hijacking legally required broadband and communications backdoors which allow US law enforcement to intercept communications.

You might also like

Ellen Jennings-Trace
Ellen Jennings-Trace
Staff Writer

Ellen has been writing for almost four years, with a focus on post-COVID policy whilst studying for BA Politics and International Relations at the University of Cardiff, followed by an MA in Political Communication. Before joining TechRadar Pro as a Junior Writer, she worked for Future Publishing’s MVC content team, working with merchants and retailers to upload content.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.

Read more
China
Chinese cybersecurity firm hit by US sanctions over ties to Flax Typhoon hacking group
Flag of the People's Republic of China overlaid with a technological network of wires and circuits.
Salt Typhoon attacks may have hit more US firms than previously thought
An American flag flying outside the US Capitol building against a blue sky
More alleged Chinese intrusions into the US Treasury revealed
China
US Treasury declares ‘major incident’ after apparent state-sponsored Chinese hack
China
AT&T and Verizon say they're free of Salt Typhoon hacks at last, as further victims identified
China
Chinese hackers who targeted key US infrastructure charged by Justice Department
Latest in Security
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Veeam urges users to patch security issues which could allow backup hacks
UK Prime Minister Sir Kier Starmer
The UK releases timeline for migration to post-quantum cryptography
Representational image depecting cybersecurity protection
Cisco smart licensing system sees critical security flaws exploited
Image depicting a hand on a scanner
Hackers are targeting unpatched ServiceNow instances that exploit 3 separate year-old vulnerabilities
ransomware avast
Ransomware attacks are costing Government offices a month of downtime on average
Latest in News
Seth Milchick and Kier Eagan's animatronic speaking in Severance season 2 episode 10
Apple TV+ announces Severance has been renewed for season 3 after that devastating finale
Apple's Craig Federighi presenting customization options in iOS 18 at the Worldwide Developers Conference (WWDC) 2024.
iOS 19: new features, a new design, and everything you need to know
Spotify's new Concerts Near You playlist feature showing a list of songs by local touring artists
Spotify has launched a new Concerts Near You playlist, making it easier for you to see if your favorite artists are performing in your area
An image of network security icons for a network encircling a digital blue earth.
US government warns agencies to make sure their backups are safe from NAKIVO security issue
The new Dr. Squatch Call of Duty collection.
Latest Call of Duty collaboration finally lets you rub your body with Soap - and I can't believe I just wrote that
Samsung S95D with peacock feather on screen
Samsung says an OLED-beating new screen tech could come sooner than we thought – but I wouldn't expect it in 4K TVs right away
More about security
Representational image depecting cybersecurity protection

Cisco smart licensing system sees critical security flaws exploited
An image of network security icons for a network encircling a digital blue earth.

US government warns agencies to make sure their backups are safe from NAKIVO security issue
construction

Building in the digital age: why construction’s future depends on scaling jobsite intelligence
See more latest