By NewsBlogger The U.S. government has taken significant actions against Chinese and Russian entities for their involvement in cyberattacks and sanctions evasion, involving sanctions, indictments, and rewards for information leading to identification.
At a glance
- U.S. government sanctions Chinese and Russian entities for cyberattacks and sanctions evasion
- Joint effort by U.S. Treasury Department, OFAC, DOJ, FBI, Department of State, and UK Foreign Office
- UK sanctions Wuhan XRZ and APT31 operatives for targeting UK parliamentarians and breaching systems
- State Department offers rewards for information on Chinese MSS hackers
- OFAC sanctions cryptocurrency exchanges for facilitating evasion of economic restrictions on Russia
The details
The U.S. government has recently taken significant actions against Chinese and Russian entities for their involvement in cyberattacks and sanctions evasion.
In a joint effort, the U.S. Treasury Department sanctioned a Wuhan-based company allegedly used by the Chinese Ministry of State Security (MSS) as a front for attacks on critical infrastructure in the U.S. The Office of Foreign Assets Control (OFAC) also designated two Chinese nationals linked to the APT31 Chinese state-backed hacking group.
This coordinated effort involved the U.S. Department of Justice, FBI, Department of State, and the UK Foreign, Commonwealth & Development Office.
UK Sanctions
Additionally, the UK imposed sanctions on Wuhan XRZ and the two APT31 operatives for their activities targeting UK parliamentarians, hacking the GCHQ intelligence agency, and breaching the UK’s Electoral Commission systems.
The Justice Department unsealed indictments against Zhao Guangzong, Ni Gaobin, and five other defendants for their involvement in malicious operations carried out by Wuhan XRZ. These operations were aimed at U.S. critical infrastructure, businesses, and politicians in support of China’s intelligence and economic espionage objectives.
In response to these actions, the State Department is offering rewards of up to $10 million for information leading to the identification of Wuhan XRZ, APT31, or any of the seven Chinese MSS hackers involved.
The sanctions imposed freeze all assets and interests in the U.S. linked to the designated individuals and entities, with transactions involving them prohibited unless authorized by OFAC.
Cryptocurrency Exchanges Sanctioned
On a separate front, the U.S. Department of the Treasury’s OFAC targeted three cryptocurrency exchanges for facilitating the evasion of economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. The sanctioned exchanges, Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and TOEP, were found to have engaged in transactions with sanctioned Russian entities Hydra Market and Garantex.
These designations cover thirteen entities and two individuals operating in the Russian financial services and technology sectors.
The U.S. government’s actions against these entities reflect a broader effort to counter cyber threats and sanctions evasion, with a focus on disrupting illegal activities and enforcing international norms in the digital and financial spheres.
The Treasury Department’s continued vigilance and enforcement efforts aim to thwart illicit activities and protect national security interests.
Article X-ray
Sources
Here are all the sources used to create this article:
Facts attribution
This section links each of the article’s facts back to its original source.
If you suspect false information in the article, you can use this section to investigate where it came from.
| bleepingcomputer.com |
|---|
| – The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security (MSS) as cover in attacks against U.S. critical infrastructure organizations. – |
| The Office of Foreign Assets Control (OFAC) has designated two Chinese nationals (Zhao Guangzong and Ni Gaobin) linked to the APT31 Chinese state-backed hacking group. – |
| The U.S. Department of Justice, FBI, Department of State, and the UK Foreign, Commonwealth & Development Office were involved in this joint effort. – |
| The UK also sanctioned Wuhan XRZ and the two APT31 operatives for targeting UK parliamentarians, hacking the GCHQ intelligence agency, and breaching the UK’s Electoral Commission systems. – |
| The Justice Department unsealed indictments charging Zhao Guangzong, Ni Gaobin, and five other defendants for their involvement in malicious operations coordinated by Wuhan XRZ. – |
| These operations targeted U.S. critical infrastructure, businesses, and politicians in support of China’s foreign intelligence and economic espionage objectives. – |
| The State Department is offering rewards of up to $10 million for information on Wuhan XRZ, APT31, or any of the seven Chinese MSS hackers. – |
| As a result of the sanctions, all assets and interests in the U.S. linked to designated individuals and entities are frozen. – Entities at least 50% owned by blocked persons are also subject to freeze, and transactions involving blocked persons’ assets are prohibited unless authorized by OFAC. – |
| In July 2021, the U.S. and its allies blamed the MSS-linked Chinese state-backed APT40 and APT31 threat groups for a widespread Microsoft Exchange hacking campaign. |
| – In July 2020, the Council of the European Union announced sanctions against Huaying Haitai, a company linked to the Chinese-backed APT10 threat group, and two of its employees for their involvement in the ‘Operation Cloud Hopper’ cyber-espionage campaign. |
| thehackernews.com |
|---|
| – The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022 – |
| The sanctioned exchanges are Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (TOEP) – |
| The designations cover thirteen entities and two individuals operating in the Russian financial services and technology sectors – Bitpapa has been accused of facilitating transactions worth millions of dollars with sanctioned Russian entities Hydra Market and Garantex – Crypto Explorer offers currency conversion services between virtual currencies, rubles, and UAE dirhams – AWEX offers cash services at its offices in Moscow and Dubai and loads funds onto credit cards associated with OFAC-designated Russian banks – TOEP enabled digital payments in rubles and virtual currencies to sanctioned entities such as Sberbank, Alfa-Bank, and Hydra Market – Moscow-based fintech companies like B-Crypto, Masterchain, and Laitkhaus have partnered with sanctioned Russian banks to issue, exchange, and transfer cryptocurrency assets – Properties and interests in the U.S. connected to designated individuals and entities will be frozen – Entities at least 50% owned directly or indirectly by blocked persons will also be subject to the blockade – Brian E. Nelson, Under Secretary of the Treasury for Terrorism and Financial Intelligence, stated that Russia is turning to alternative payment mechanisms to circumvent U.S. sanctions and continue funding its war against Ukraine – Treasury will continue to expose and disrupt companies that help sanctioned Russian financial institutions reconnect to the global financial system |
