The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Beijing-based Integrity Technology Group, Inc. for conducting cyber attacks against U.S. targets. The company is linked to Flax Typhoon, a Chinese state-sponsored threat actor also known as Ethereal Panda or RedJuliett.
Flax Typhoon, active since mid-2021, has targeted organizations across multiple continents using an IoT botnet called Raptor Train. The group exploits known vulnerabilities for initial system access and employs legitimate remote access software to maintain persistence.
The Treasury Department identifies Chinese cyber actors as among the most significant threats to U.S. national security, consistently targeting federal systems. Acting Under Secretary Bradley T. Smith emphasized the department’s commitment to countering these threats through all available means while strengthening cyber defenses across public and private sectors.
Integrity Group, also known as Yongxin Zhicheng, provided infrastructure support for Flax Typhoon operations between mid-2022 and late-2023. The company, established in 2010, maintains connections with China’s Ministry of State Security and serves various government security bureaus. Their targets include U.S. and international corporations, universities, government agencies, telecommunications providers, and media organizations.