Chinese cybersecurity firm facing US sanctions over alleged ransomware attacks
Date:
Wed, 11 Dec 2024 11:21:04 +0000
Description:
US Government sanctions Chinese cybersecurity firm responsible for thousands of critical infrastructure attacks.
FULL STORY ======================================================================
The US Treasury Dept. is bringing sanctions against a Chinese cybersecurity firm and one of its employees
The Government believes the employee is singlehandedly responsible for over 80,000 Sophos firewall breaches
Many of the targets were part of US critical infrastructure
Chinese cybersecurity firm Sichuan Silence has been sanctioned by the US Treasury Department's Office of Foreign Assets Control (OFAC) for its role in
a string of Ragnarok ransomware attacks in April 2020, in which tens of thousands of firewalls were compromised across the globe.
Also sanctioned was an employee of the firm, Guan Tianfeng, who is allegedly single-handedly responsible for exploiting 81,000 Sophos firewalls. Guan discovered a zero-day exploit in the Sophos firewall and used it to compromise businesses and steal information such as passwords.
Once the information was obtained, Guan would often disable the victim's anti-virus software and encrypt the device with a Ragnarok ransomware
variant, which infected the victim's device.

23,000 successful compromises
The wide-reaching cyber espionage campaign compromised over 23,000 firewalls in the US alone, with 36 critical infrastructure targets - including an
energy company. Obviously an impressive cybercriminal, Guan (also known as GbigMao), also competed in cybersecurity tournaments on behalf of Sichuan Silence.
The Justice Department has offered a $10 million reward for any information that could lead to the location of the attacker. The malicious cyber activities against infrastructure are violations of the Computer Fraud and Abuse Act.
"The defendant and his conspirators compromised tens of thousands of firewalls and then continued to hold at risk these devices, which protect computers in the United States and around the world," said Assistant Attorney General for National Security Matthew G. Olsen.
The sanctions include the seizure of any US property or assets belonging to the firm or to Guan, and blocking any entities that are more than 50% owned
by Sichuan Silence, unless authorized by the OFAC.
The US government recently announced that mitigating Chinese cyberattacks is
a top priority for US security forces, citing serious national security concerns.
The cybersecurity firm is said to have served as a third-party contractor for the Chinese government's intelligence agency, offering tools and skills. From now on, US organizations and citizens are prohibited from engaging in any financial transactions with the firm.
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/pro/security/chinese-cybersecurity-firm-facing-us-sanctions-over-alleged-ransomware-attacks
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)