US Treasury Sanctions Hacker and Sichuan Company Linked to Salt Typhoon Cyberattacks

• The U.S. Treasury Department sanctioned alleged hacker Yin Kecheng and Sichuan Juxinhe Network Technology Company LTD.
• The individual and the Sichuan-based cybersecurity company are accused of breaching the OFAC networks and several telecom giants.
• They were linked to the Salt Typhoon hacking of AT&T, Verizon, and Lumen, which compromised the sensitive data of U.S. officials and FBI agents.

The Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned alleged hacker Yin Kecheng and a Sichuan-based cybersecurity firm Sichuan Juxinhe Network Technology Co., LTD. for breaching its systems and stealing confidential data.

The department found the Shanghai-based hacker is connected to the China-backed Salt Typhoon threat actor, who was confirmed to have orchestrated the AT&T, Verizon, and Lumen attacks.

In a press release, the Treasury announced sanctioning Kecheng for unauthorized access to U.S. computer systems and cybercrime affecting several telecom companies. The press release stated that it will continue to take action against offenders, including those from the People’s Republic of China (PRC), for reckless cyber activity against the U.S.

Operated by China’s Ministry of State Security (MSS), Salt Typhoon has been operational since 2019 and conducts cyber espionage targeting U.S. entities.

The hackers are linked to the network infrastructure compromise of a number of telecommunications companies, including AT&T, Verizon, and Lumen Technologies, stealing sensitive call records and text, among other details.

Recently, the FBI alerted its staff that their agents’ and officers’ call records were accessed by the AT&T hackers.

They sanctioned Beijing-based Integrity Technology Group, Inc., which allegedly worked with the Flax Typhoon threat actor for persistent control over their network, and Sichuan Silence Information Technology Company, Ltd. for firewall compromise. 

To improve security, the Department of State’s Rewards for Justice program announced a reward of up to $10 million for information or tips against any person or organization engaged in malicious activities against the U.S.

Another China-linked hacking group, Silk Typhoon, also known as Hafnium, was linked to the OFAC hacking mainly to access data related to possible U.S. sanctions on Chinese entities.