US Treasury Targets Sichuan Juxinhe Network Technology Co.
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sanctions on Sichuan Juxinhe Network Technology Co., Ltd., a Chinese cybersecurity firm, for alleged connections to the notorious hacking group known as Salt Typhoon. This move comes as part of ongoing efforts to hold accountable those involved in cyberattacks against American entities.
Salt Typhoon gained infamy for orchestrating one of the largest telecom hacks in US history, infiltrating the networks of nine major US telecommunications companies and internet providers, including industry giants Verizon and AT&T. According to the Treasury’s statement, Sichuan Juxinhe played a direct role in exploiting these US firms. The statement further highlighted that the Chinese Ministry of State Security (MSS) has maintained strong ties with multiple computer network exploitation companies, including Sichuan Juxinhe.
A Major Incursion
The Salt Typhoon breach, characterized by its scale and sophistication, targeted high-level government communications. The hackers exploited a vulnerability in BeyondTrust, a third-party tech support platform, allowing them to lurk within telecom networks for months before their presence was detected and neutralized.
Deputy Secretary of the Treasury Adewale O. Adeyemo emphasized the importance of these sanctions, stating, “The Treasury Department will continue to use its authorities to hold accountable malicious cyber actors who target the American people, our companies, and the United States government, including those who have targeted the Treasury Department specifically.”
The breach not only compromised sensitive communications but also underscored the persistent threat posed by state-sponsored cyber actors. The Treasury’s response reflects a broader strategy to disrupt and deter cyber espionage and attacks that undermine national security.
Continued Cyber Threats and Sanctions of Chinese Cybersecurity Firm
In the aftermath of the Salt Typhoon hack, the US Treasury itself became a target of a subsequent cyberattack. This attack focused on the Committee on Foreign Investment in the United States (CFIUS), the department responsible for reviewing foreign investments for potential national security risks.
This is not the first instance of the US Treasury sanctioning Chinese cybersecurity firms. In January 2025, Yongxin Zhicheng Technology Group was sanctioned for alleged ties to another hacking group, Flax Typhoon. This group was implicated in exploiting broadband and communications backdoors intended for lawful interception by US law enforcement.
The US government’s actions signal a robust stance against cyber threats originating from foreign entities. By sanctioning firms like Sichuan Juxinhe and Yongxin Zhicheng, the Treasury aims to disrupt the operations of state-sponsored hackers and safeguard critical infrastructure and sensitive information.
As cyber threats continue to evolve, the US remains vigilant in its efforts to protect national security and hold accountable those who perpetrate cyberattacks. The sanctions against Sichuan Juxinhe underscore the serious consequences for entities that engage in or support malicious cyber activities.
