The US Department of Finance has imposed sanctions against the Chinese company Sichuan Silence and one of its employees for launching cyber attacks using the Ragnarok malware program. These attacks, which occurred in 2020, targeted critical infrastructure in the United States and other countries.
Sichuan Silence, a company based in Chendu, China, is known to work for the State Construction of China and is involved in various activities, including cyber reconnaissance. The company specializes in activities such as network intrusion, password cracking, email monitoring, and censorship of dissenting opinions.
According to reports, an employee of Sichuan Silence named Guang Tianfen, also known as Gbigmao, exploited a vulnerability in an interconnected screen to infect approximately 81,000 devices worldwide. The motive behind the attack was to steal login credentials and install the Ragnarok malware program. Out of the 23,000 affected devices in the United States, 36 belonged to critical infrastructure facilities. One such victim was an energy company, and the attack could have had catastrophic consequences if it had not been intercepted in time.
In response to these malicious activities, the US Ministry of Justice has filed accusations against Guang Tianfen, and the State Department has announced a reward for information related to Sichuan Silence’s technology.