CyberSecurity news
@www.justice.gov - 73d
References:
- www.pcmag.com: US sanctions Chinese cybersecurity firm for hacking 81k firewall devices
- : Related to DOJ toot above. The Department of the Treasury's Office of Foreign Assets Control (OFAC) is sanctioning cybersecurity company Sichuan Silence Information Technology Company, Limited (Sichuan Silence), and one of its employees, Guan Tianfeng, both based in the People's Republic of China (PRC), for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide.
- www.bleepingcomputer.com: US sanctions Chinese firm for hacking firewalls in ransomware attacks
- www.justice.gov: Chinese national Guan Tianfeng was charged in connection with the mass exploitation of Sophos firewalls in 2020.
- : People's Republic of China (PRC)-based Sichuan Silence Information Technology Co. Ltd. (Sichuan Silence) has provided services to China's Ministry of Public Security, among other Chinese government agencies. In 2020, Chinese national Guan Tianfeng and other employees of Sichuan Silence developed and tested intrusion techniques prior to deploying malicious software that allowed them to exploit a zero-day vulnerability in certain Sophos firewalls (CVSSv3.0: 10.0 critical). Sichuan Silence used the exploit to infiltrate approximately 81,000 firewall devices, infecting them with malware designed to not only retrieve and exfiltrate data from firewalls and computers behind them, but also encrypt files on infected computers if a victim attempted to remediate the infection.
- Cyber Security News: US Sanctions Chinese Firm for Firewall Hacks Linked to Ransomware
- gbhackers.com: US Charged Chinese Hackers for Exploiting Thousands of Firewall
- CyberInsider: U.S. Indicts Chinese Hacker for Firewall Exploit Targeting 81,000 Devices
- Dataconomy: Dataconomy's report on the Sophos firewall breach.
- therecord.media: US sanctions Chinese cyber firm for compromising ‘thousands’ of firewalls in 2020
- flashpoint.io: China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide
- malware.news: China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide
- The Hacker News: The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020.
- CyberScoop: Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack
- DataBreaches.Net: China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide
Classification:
- HashTags: #CyberSanctions #ChineseHackers #FirewallBreach
- Company: Sichuan Silence
- Target: Global Firewall Users
- Attacker: China
- Product: Firewall
- Feature: Firewall Exploitation
- Type: Legal
- Severity: Major