The US government has sanctioned a Chinese cybersecurity company and one of its employees for their involvement in the large-scale compromise of firewalls in April 2020.
The hacked firewalls were exploited to install malware and deploy ransomware worldwide. Victims included US critical infrastructure firms and could have resulted in serious injury or loss of life.
The Department of the Treasury’s Office of Foreign Assets Control (OFAC) indicted Sichuan Silence Information Technology Company, Limited (Sichuan Silence) and its employee Guan Tianfeng (Guan) for discovering and exploiting a zero-day exploit in a firewall to launch the attacks.
Sichuan Silence is a cybersecurity government contractor specializing in offensive techniques, its core clients are People’s Republic of China (PRC) intelligence services.
Guan was a security researcher at the firm at the time of the compromise. He posted recently discovered zero-day exploits on vulnerability and exploit forums under his moniker GbigMao.
The sanctions mean that any money or assets owned by Sichuan Silence or Guan in the US must be blocked and reported to OFAC.
A reward of up to $10m has also been offered by the US Department of State for information about Sichuan Silence or Guan.
No tags.
