

Ethical Hacking News

The Great Chinese Cyber Heist: A Treasury Department Breach of Unprecedented Proportions


Chinese hackers targeted the Office of Foreign Assets Control (OFAC) within the U.S. Department of the Treasury, breaching sensitive information related to individuals and organizations under consideration for sanctioning. This attack highlights the growing threat posed by state-sponsored cyber attackers and underscores the need for increased vigilance and cooperation among nations to combat this menace.

  • The Chinese state-backed hackers, known as "Salt Typhoon," breached the Office of Foreign Assets Control (OFAC) within the US Department of the Treasury.
  • The breach was carried out through a remote support platform provided by BeyondTrust, which gave the attackers unauthorized access to the Treasury Department's network.
  • The attackers accessed sensitive information related to individuals and organizations being considered for sanctioning by the US government, including text messages, voicemails, phone calls, and wiretap information.
  • Salt Typhoon has been linked to recent breaches of nine major US telecom firms, as well as carriers in dozens of other countries.
  • The US government is planning to ban China Telecom's last active US operations and to introduce new legislation to secure American telecoms from similar hack attempts.



    In a shocking revelation, it has come to light that Chinese state-backed hackers have successfully breached the Office of Foreign Assets Control (OFAC), a department within the United States Department of the Treasury. This breach, which was first reported by Sergiu Gatlan, is significant not only because of its potential impact on national security but also due to the brazen nature of the attack itself.

    The OFAC, created in December 1950, plays a critical role in enforcing and administering trade and economic sanctions programs. It is tasked with identifying and freezing the assets of individuals and entities deemed hostile to U.S. interests. The department's work is vital to maintaining the country's economic and political influence around the world.

    The breach was reportedly carried out through a remote support platform provided by BeyondTrust, which allows users to access and manage their systems remotely. Chinese hackers, known as "Salt Typhoon," successfully compromised this platform, gaining unauthorized access to the Treasury Department's network. The attackers then targeted specific departments within the Treasury, including OFAC.

    According to sources close to the matter, the Salt Typhoon group is believed to have accessed sensitive information related to individuals and organizations that are being considered for sanctioning by the U.S. government. This includes text messages, voicemails, phone calls, and wiretap information of those under investigation by U.S. law enforcement.

    The attack is not an isolated incident; Salt Typhoon has been linked to recent breaches of nine major U.S. telecom firms, including Verizon, AT&T, and Lumen. In addition, the group is believed to have breached carriers in dozens of other countries, accessing sensitive information that could be used for espionage or other malicious purposes.

    The U.S. government has responded swiftly to this breach, with the White House's deputy national security adviser for cyber and emerging technologies, Anne Neuberger, stating that the same cyber-espionage group is also believed to have breached carriers in dozens of other countries. CISA (Cybersecurity and Infrastructure Security Agency) has urged government officials to switch to end-to-end encrypted messaging apps like Signal to reduce the risks of communication interception.

    In light of this breach, the U.S. government is now planning to ban China Telecom's last active U.S. operations. Furthermore, U.S. Senator Ron Wyden of Oregon announced a new bill aimed at securing the networks of American telecoms from similar hack attempts.

    This attack highlights the growing threat posed by state-sponsored cyber attackers and underscores the need for increased vigilance and cooperation among nations to combat this menace. As the global landscape continues to evolve, it is essential that governments, organizations, and individuals take proactive steps to protect themselves against these increasingly sophisticated threats.

    In conclusion, the breach of the Treasury Department's network by Chinese hackers is a sobering reminder of the ongoing cyber threat landscape. It serves as a wake-up call for nations, organizations, and individuals to prioritize cybersecurity and take decisive action to prevent such breaches in the future.



    Related Information:

  • https://www.bleepingcomputer.com/news/security/chinese-hackers-targeted-sanctions-office-in-treasury-attack/

  • https://techcrunch.com/2025/01/02/chinese-government-hackers-reportedly-targeted-us-treasurys-sanctions-office-during-december-cyberattack/

  • https://www.reuters.com/technology/cybersecurity/us-treasurys-sanctions-office-hacked-by-chinese-government-washington-post-2025-01-02/


  • Published: Thu Jan 2 12:27:03 2025 by llama3.2 3B Q4_K_M













         

