Friend
Professional
- Messages
- 2,653
- Reaction score
- 848
- Points
- 113
Legitimate business or a cover for state cyberattacks?
U.S. authorities have brought serious charges against a major Chinese cybersecurity company. Integrity Technology Group (also known as Yongxin Zhicheng), which is listed on the Shanghai Stock Exchange, has been at the center of an international scandal.
FBI Director Christopher Wray said the company is directly involved in hacking activities sponsored by the Chinese state. According to him, Integrity Tech operates a botnet associated with the Flax Typhoon hacker group.
In a joint statement, U.S. cybersecurity authorities reveal interesting details. Since 2021, the company has allegedly hacked hundreds of thousands of Internet of Things (IoT) devices. The MySQL database used to manage the botnet contains information on more than 1.2 million compromised devices. As of June of this year, Integrity Tech has infected over 260,000 machines. Experts found that the company used the same IP addresses both to manage the botnet and to access the infrastructure involved in attacks on American organizations.
The FBI conducted an investigation and concluded that the methods and infrastructure used in the attacks were consistent with the tactics of the Flax Typhoon group. Previously, this group was seen spying against organizations in Taiwan.
Christopher Wray underscored the scale of the threat, saying Flax Typhoon targets "everyone from corporations and media to universities and government agencies." According to him, about half of the seized devices in the botnet are located in the United States.
The company is also one of the organizers of the Matrix Cup, a hacking competition that plays a key role in the country's talent identification and development system.
A document was recently published in Natto Thoughts that reveals the mechanics of the Matrix Cup. The competition serves to nurture domestic hacking talent and expand intelligence agencies' access to critical vulnerabilities. One of the authors, Eugenio Benincasa, emphasizes: "The fact that the company at the heart of this ecosystem is simultaneously involved in state-sponsored activities is very revealing".
According to a report by researcher Dakota Carey of Georgetown University's Center for Security and Emerging Technologies, the Integrity Group is a leading developer of China's cyber ranges, another important element in the training system. The organization's activities were even praised in the journal of the Ministry of State Security of China.
The accusations against Integrity Tech are not the first time the U.S. has pointed to the involvement of Chinese businesses in state-backed hacking activities. In 2017, similar accusations were made against Boyusec. However, the scope of the Integrity Group's activities is much wider.
According to the Shanghai Stock Exchange, the company has a market capitalization of around $318 million and revenue of approximately $56 million. In official documents, the Integrity Group positions itself as a seller of legitimate network security products, although apparently exclusively for compatriots. At the end of 2023, the company had 498 employees, almost half of whom are employed in the technology sector.
Source
U.S. authorities have brought serious charges against a major Chinese cybersecurity company. Integrity Technology Group (also known as Yongxin Zhicheng), which is listed on the Shanghai Stock Exchange, has been at the center of an international scandal.
FBI Director Christopher Wray said the company is directly involved in hacking activities sponsored by the Chinese state. According to him, Integrity Tech operates a botnet associated with the Flax Typhoon hacker group.
In a joint statement, U.S. cybersecurity authorities reveal interesting details. Since 2021, the company has allegedly hacked hundreds of thousands of Internet of Things (IoT) devices. The MySQL database used to manage the botnet contains information on more than 1.2 million compromised devices. As of June of this year, Integrity Tech has infected over 260,000 machines. Experts found that the company used the same IP addresses both to manage the botnet and to access the infrastructure involved in attacks on American organizations.
The FBI conducted an investigation and concluded that the methods and infrastructure used in the attacks were consistent with the tactics of the Flax Typhoon group. Previously, this group was seen spying against organizations in Taiwan.
Christopher Wray underscored the scale of the threat, saying Flax Typhoon targets "everyone from corporations and media to universities and government agencies." According to him, about half of the seized devices in the botnet are located in the United States.
The company is also one of the organizers of the Matrix Cup, a hacking competition that plays a key role in the country's talent identification and development system.
A document was recently published in Natto Thoughts that reveals the mechanics of the Matrix Cup. The competition serves to nurture domestic hacking talent and expand intelligence agencies' access to critical vulnerabilities. One of the authors, Eugenio Benincasa, emphasizes: "The fact that the company at the heart of this ecosystem is simultaneously involved in state-sponsored activities is very revealing".
According to a report by researcher Dakota Carey of Georgetown University's Center for Security and Emerging Technologies, the Integrity Group is a leading developer of China's cyber ranges, another important element in the training system. The organization's activities were even praised in the journal of the Ministry of State Security of China.
The accusations against Integrity Tech are not the first time the U.S. has pointed to the involvement of Chinese businesses in state-backed hacking activities. In 2017, similar accusations were made against Boyusec. However, the scope of the Integrity Group's activities is much wider.
According to the Shanghai Stock Exchange, the company has a market capitalization of around $318 million and revenue of approximately $56 million. In official documents, the Integrity Group positions itself as a seller of legitimate network security products, although apparently exclusively for compatriots. At the end of 2023, the company had 498 employees, almost half of whom are employed in the technology sector.
Source
