The United States has imposed sanctions on the Chinese programmer, Guan Tianfeng, and the Sichuan Silence Information Technology Company where he worked. According to the indictment released by the federal court in Hammond, Indiana, Guan and his accomplices were working in the offices of the Sichuan company to discover and exploit an unknown vulnerability in firewalls sold by Sophos Ltd.
The malware that used the vulnerability was designed to steal data from infected computers and encrypt files if the user tried to remove the infection. Overall, Guan’s group infected approximately 81,000 firewalls worldwide. Sophos detected the attack and fixed their customers’ firewalls within two days, forcing the accomplices to change their malware.
On December 10, 2024, the Office of Foreign Assets Control (OFAC) of the US Treasury Department imposed sanctions on Sichuan Silence Information Technology Company and Guan Tianfeng. In addition, the US State Department announced a reward of up to $10 million for information leading to the identification or location of Guan.
