FlagThis

CyberSecurity updates
2025-01-30 17:22:27 Pacfic
MalBot @ Malware Analysis, News and Indicators
US Treasury Hacked by Chinese APT Group - 11d
Read more: malware.news

The US Treasury Department has sanctioned a Chinese cybersecurity firm, Sichuan Juxinhe Network Technology Co., and a Shanghai-based hacker, Yin Kecheng, for their involvement in significant cyberattacks. These attacks compromised sensitive systems at the Treasury Department and major US telecommunication companies and ISPs. Sichuan Juxinhe is linked to the Salt Typhoon hacking group, which has infiltrated numerous US telecom companies and ISPs intercepting sensitive data from high-value political officials and communication platforms. Yin Kecheng, connected to the Chinese Ministry of State Security (MSS), is associated with the recent breach of the Treasury's network, impacting systems involved in sanctions and foreign investment reviews.

The Treasury's systems, including those used by Secretary Janet Yellen, were accessed during the breach resulting in the theft of over 3,000 files. The stolen data included policy documents, organizational charts, and information on sanctions and foreign investment. The cyber activity has been attributed to the Salt Typhoon group, alongside a related group known as Silk Typhoon (formerly Hafnium), which exploited vulnerabilities in Microsoft Exchange Server and used compromised APIs. The Treasury Department stated that it will continue using its authority to hold accountable malicious actors that target American people and the US government.

References:
  • Malware Analysis, News and Indicators - Latest topics - US Sanctions Chinese firm behind sweeping Salt Typhoon telecom hacks - 12d
  • The Hacker News - U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon - 12d
  • BleepingComputer - US sanctions Chinese firm, hacker behind telecom and Treasury hacks - 12d
  • ciso2ciso.com - US Sanctions Chinese Hacker & Firm for Treasury, Critical Infrastructure Breaches – Source: www.darkreading.com - 11d
  • CISO2CISO.COM & CYBER SECURITY GROUP - US sanctions Chinese hacker & firm for Treasury, critical infrastructure breaches - 11d
  • @screaminggoat - U.S. Treasury : Treasury's OFAC is sanctioning Yin Kecheng, a Shanghai-based cyber actor who was involved with the recent Department of the Treasury network compromise. - 11d
  • CISO2CISO.COM & CYBER SECURITY GROUP - U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon – Source:thehackernews.com - 11d
  • www.bleepingcomputer.com - US sanctions Chinese firm, hacker behind telecom and Treasury hacks - 11d
  • Security Affairs - U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon - 11d
  • ciso2ciso.com - Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network – Source: www.securityweek.com - 11d
  • @jos1264 - Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network – Source: www.securityweek.com - 11d
  • ciso2ciso.com - The U.S. Treasury’s OFAC sanctioned a Chinese cybersecurity firm and a Shanghai cyber actor for ties to Salt Typhoon and a federal agency breach. - 10d
  • Latest from Tomshardware - News report on Chinese hackers infiltrating US Treasury Secretary's PC and gaining access to over 400 PCs. - 10d
  • CISO2CISO.COM & CYBER SECURITY GROUP - U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon - 10d
  • www.nextgov.com - US Treasury Department sanctions imposed for Salt Typhoon's involvement. - 10d
  • www.nextgov.com - The Treasury Department's sanctions follow a major hack targeting telecommunications companies and potentially impacting high-value political officials. - 10d
  • Threats | CyberScoop - Treasury sanctions Chinese cybersecurity company, affiliate for Salt Typhoon hacks. - 10d
  • cyberscoop.com - Treasury sanctions Chinese cybersecurity company, affiliate for Salt Typhoon hacks - 10d
  • thecyberexpress.com - U.S. Treasury sanctions Salt Typhoon hackers - 10d
  • North Korean hackers impersonated recruiters to steal credentials from over 1,500 developer systems | CSO Online - The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider camp - 9d
  • Security Affairs - The US Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., LTD. - 9d
  • Security Boulevard - U.S. Treasury Sanctions Chinese Individual, Company for Data Breaches - 8d

Classification:
  • HashTags: CyberAttack Sanctions ChinaCyberEspionage
  • Company: US Treasury
  • Target: US Treasury
  • Attacker: Chinese APT
  • Product: US Treasury Network
  • Feature: network compromise
  • Type: Espionage
  • Severity: Major

This site is an experimental news aggregator using feeds I personally follow. You can provide me feedback using this form or using Bluesky.