- A Chinese cybersecurity firm has been sanctioned by the US Treasury Department
- The company allegedly has links to the hacker group Salt Typhoon
- Salt Typhoon is accused of carrying out a cyber attack on 9 telecommunications companies
A Chinese cyber security firm has been sanctioned by the US Treasury’s Office of Foreign Comptrollership (OFAC) for alleged links to the notorious Salt Typhoon hacking group.
Salt Typhoon is perhaps best known as the group that infiltrated the networks of nine major US telecommunications companies and ISPs, including Verizon and AT&T in the largest telecommunications hack in US history.
“Sichuan Juxinhe Network Technology Co., LTD. (Sichuan Juxinhe) had direct involvement in the exploitation of these US telecommunications and Internet service providers. The MSS (China Ministry of State Security) has maintained strong ties with several companies that exploit computer networks, including Sichuan Juxinhe, the Ministry of Finance said in a statement.
A major intervention
The Salt Typhoon hack saw state-sponsored actors targeting high-level public communications through a breach of third-party technical support platform BeyondTrust. Hackers reportedly lurked inside telecommunications networks for months before being eradicated.
“The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our businesses and the United States government, including those who have specifically targeted the Treasury Department,” said Deputy Treasury Secretary Adewale O Adeyemo.
After the hack, the US Treasury was again hit by another cyber attack, which targeted the Committee on Foreign Investment in the United States (CFIUS), which is the department responsible for reviewing foreign investments for national security risks.
In January 2025, the Treasury Department similarly sanctioned a Chinese cybersecurity firm, Yongxin Zhicheng Technology Group, for alleged ties to Flax Typhoon, the group responsible for hijacking legally required broadband and communications backdoors that allow U.S. law enforcement to intercept communications.
