Treasury sanctions Salt Typhoon hacking group behind breaches of major US telecom firms

The U.S. government has announced sanctions against a Chinese organization with links to Salt Typhoon, the hacking group responsible for the largest telecoms hack in U.S. history.
The Treasury Department’s Office of Foreign Assets Control (OFAC) announced on Friday that it had sanctioned a China-based cybersecurity company known as Sichuan Juxinhe Network Technology, which it says is directly linked to the China-backed Salt Typhoon hacking group.
Salt Typhoon was recently identified as carrying out the largest telecommunications hack in U.S. history, after infiltrating at least nine U.S. telecom and internet providers, including AT&T and Verizon, to gain access to the private communications of senior U.S. government officials and political figures.
The hackers also hacked into the systems that law enforcement agencies use for court-authorized collection of customer data, potentially accessing sensitive data such as identities of Chinese targets of U.S. surveillance.
In its press release on Friday, OFAC said that Sichuan Juxinhe had “direct involvement in the exploitation of these U.S. telecommunication and internet service provider companies.”
Treasury hackers sanctioned
OFAC also announced sanctions against Yin Kecheng, a cyber actor in Shanghai, which U.S. officials claim was responsible for the recent widespread hack of the U.S. Treasury.
The hack, which took place in late December, saw hackers use a private key stolen from BeyondTrust — a cybersecurity company that provides identity access tech to large organizations and government departments — to gain remote access to certain Treasury employee workstations.
The cyberattack allowed hackers — another China state-backed group known as Silk Typhoon — to target various departments within the U.S. Treasury, including its sanctions office.
According to OFAC, Yin Kecheng has been a cyber actor for over a decade and is affiliated with China’s Ministry of State Security, an intelligence and security agency responsible for the country’s foreign intelligence collection.
U.S. Treasury official Adewale O. Adeyemo said in a statement Friday: “The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically.”
Earlier this month, the U.S. government sanctioned another China-based cybersecurity company over its alleged links to a government-backed hacking group known as Flax Typhoon. The Treasury said the company, Integrity Technology Group, had been involved in “multiple computer intrusion incidents against U.S. victims,” including U.S. critical infrastructure.
You Might Also Like
AT&T technician Mark Klein, who exposed secret NSA spying, dies
Mark Klein, a former AT&T technician turned whistleblower who exposed mass surveillance by the U.S. government, has died at age...
TechCrunch Mobility: Testing the Uber-Waymo robotaxi, Rivian goes hands-free, and Travis Kalanick has AV FOMO
Welcome back to TechCrunch Mobility — your central hub for news and insights on the future of transportation. Sign up...
‘Open’ model licenses often carry concerning restrictions
This week, Google released a family of open AI models, Gemma 3, that quickly garnered praise for their impressive efficiency....
AI coding assistant Cursor reportedly tells a ‘vibe coder’ to write his own damn code
As businesses race to replace humans with AI “agents,” coding assistant Cursor may have given us a peek at the...