web analytics

Hacking Group ‘Silk Typhoon’ Linked to US Treasury Breach – Source: www.darkreading.com

Rate this post

Source: www.darkreading.com – Author: Kristina Beek, Associate Editor, Dark Reading

Satellite view of a typhoon in the Philippines

Source: World History Archive via Alamy Stock Photo

NEWS BRIEF

The Chinese threat actor group known as “Silk Typhoon” has been linked to the December 2024 hack on an agency that’s part of the US Department of the Treasury.

In the breach, the threat actors were able to use a stolen Remote Support SaaS API key through third-party cybersecurity vendor BeyondTrust to steal data from workstations in the Office of Foreign Assets Control (OFAC).

Silk Typhoon, also known as Hafnium, is well known for hitting targets in education, healthcare, defense, and non-governmental organizations. 

Using tools such as the China Chopper Web shell, the group’s cyber-espionage campaigns focus mainly on data theft.

The group also targeted the Treasury Department’s Office of Financial Research; this latest breach is still being investigated and assessed.

The Cybersecurity and Infrastructure Security Agency (CISA) has since confirmed that these exploits are limited to just the agency, and there is no indication that any other federal agencies have been impacted by the incident.

About the Author

Kristina Beek, Associate Editor, Dark Reading

Skilled writer and editor covering cybersecurity for Dark Reading.

Original Post URL: https://www.darkreading.com/cyberattacks-data-breaches/hacking-group-silk-typhoon-linked-us-treasury-breach

Category & Tags: –

Views: 12

LinkedIn
Twitter
Facebook
WhatsApp
Email

advisor pick´S post