Yazılar

U.S. Lifts Sanctions on Tornado Cash Amid Legal Challenges

/in /tarafından

The U.S. Treasury Department announced on Friday that it has lifted sanctions on Tornado Cash, a cryptocurrency “mixer” accused of facilitating the laundering of more than $7 billion, including funds stolen by North Korean hackers. The decision follows legal challenges from six Tornado Cash users, who filed a lawsuit against the sanctions, supported by cryptocurrency exchange Coinbase.

In 2022, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) blacklisted Tornado Cash, claiming the firm had been involved in laundering cybercrime proceeds, including $455 million stolen by the Lazarus Group, a North Korean-backed hacking organization. Tornado Cash is designed to obfuscate the origins and recipients of cryptocurrency transactions, making it a popular tool for illicit activities.

Despite the sanctions being lifted, the Treasury reaffirmed its concerns over North Korea’s state-sponsored cyber activities, particularly its use of stolen digital assets to fund government operations. Treasury Secretary Scott Bessent emphasized the importance of protecting the digital asset industry from misuse by North Korea and other malicious actors.

The decision to lift the sanctions comes after a U.S. appeals court ruled in November that OFAC had overreached in its application of the sanctions. The Treasury indicated that the repeal followed a review of legal and policy issues, particularly in light of evolving technology and legal environments.

In 2023, two co-founders of Tornado Cash were charged with facilitating over $1 billion in money laundering, including laundering for the Lazarus Group. One of the co-founders, Roman Storm, is awaiting trial and has denied any wrongdoing. Additionally, Tornado Cash developer Alexey Pertsev was sentenced to five years and four months in prison in the Netherlands for his involvement in money laundering activities.

U.S. Indicts Chinese Hackers and Sanctions Tech Company Over Spy Campaign

/in /tarafından

The U.S. government has announced new legal actions targeting alleged Chinese hackers, including multiple indictments and sanctions, in connection with a years-long espionage campaign. Federal authorities have charged 10 individuals in total, including eight employees from a Chinese tech company, i-Soon (also known as Anxun Information Technology), and two members of the Chinese Ministry of Public Security.

The indictment, made public on Wednesday, describes i-Soon as a key component in China’s “hacker-for-hire” ecosystem, claiming the company played a significant role in targeting global and U.S. entities. Among the alleged victims were the U.S. Defense Intelligence Agency, the Department of Commerce, Taiwan’s and South Korea’s foreign ministries, and several organizations critical of China, including news agencies. Additionally, the hackers infiltrated various religious groups, including a major U.S.-based religious organization.

The indictment outlines that i-Soon charged Chinese intelligence agencies between $10,000 and $75,000 for each email inbox they successfully breached, with added fees for data analysis. The charges against the individuals range from stealing sensitive personal and government data to orchestrating cyber-attacks on foreign governments.

In response, the Chinese embassy in Washington condemned the U.S. sanctions, emphasizing China’s opposition to what it called “long-arm jurisdiction” and vowed to take action to protect the rights of its citizens and companies.

Alongside the indictments, the U.S. Treasury Department announced sanctions against Shanghai-based Heiying Information Technology and its founder, Zhou Shuai, for allegedly selling stolen data and access to compromised U.S. infrastructure networks. Some of the stolen data was reportedly sold to a previously sanctioned Chinese hacker, Yin Kecheng, who was also indicted. Yin is linked to a prior breach of U.S. Treasury data.

CISA Reports No Indication of Broader Impact from Treasury Department Cyber Breach

/in /tarafından

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) stated on Monday that there is “no indication” the recent cyber breach at the U.S. Treasury Department has affected any other federal agencies. This followed a report that Chinese hackers compromised several computers at the Treasury, stemming from a breach at cybersecurity contractor BeyondTrust.

While BeyondTrust confirmed that a limited number of its clients were affected, the company has not provided further details regarding which clients may have been impacted. The forensic investigation into the breach is still ongoing, and BeyondTrust has yet to confirm additional details about the scope of the attack.

Reports have suggested that the hackers specifically targeted the U.S. Treasury office responsible for administering economic sanctions, likely aiming to access information about Chinese entities under consideration for U.S. financial sanctions. This attack is part of an ongoing series of cyber incidents attributed to Chinese state-sponsored actors.

Republican lawmakers have called for a briefing on the incident. In response, Chinese Embassy spokesperson Liu Pengyu dismissed the claims, calling the reports “irrational” and part of “smear attacks” against China.