
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Shanghai-based hacker Yin Kecheng and Sichuan Juxinhe Network Technology Co. for their involvement in recent cyber attacks against U.S. institutions.
Yin Kecheng, a decade-long cyber operative linked to China’s Ministry of State Security (MSS), was identified as a key player in the recent Treasury Department network breach. The attack, disclosed in December 2024, exploited a zero-day vulnerability in BeyondTrust’s remote support platform and was specifically targeted at the sanctions office.
Sichuan Juxinhe Network Technology Co., a Chinese cybersecurity firm, faces sanctions for its direct involvement with the Salt Typhoon hacker group. This group has been responsible for breaching major U.S. telecommunications and internet service providers, conducting espionage on high-profile targets.
The operation has been attributed to “Silk Typhoon” (also known as Hafnium), a sophisticated cyber espionage team targeting organizations across the U.S., Japan, Australia, and Vietnam.
Under Executive Order 13694, these sanctions freeze all U.S.-based assets of the targeted entities and prohibit U.S. persons from conducting transactions with them. The U.S. State Department continues to offer a $10 million reward for information leading to the identification of hackers targeting U.S. government or critical infrastructure.
This action follows recent sanctions against Beijing-based Integrity Tech for its connection to the Chinese state-sponsored Flax Typhoon hacking group.