Ransomware, Threat Intelligence

US moves against Chinese cybersecurity firm over sweeping Ragnarok ransomware attack

Chinese cybersecurity firm Sichuan Silence has been sanctioned by the U.S. Treasury Department for its role in the widespread exploitation of the Sophos XG firewall zero-day SQL injection flaw, tracked as CVE-2020-12271, to compromise critical infrastructure entities in the U.S. and other parts of the world with the Ragnarok ransomware in 2020, reports BleepingComputer.

Also sanctioned was Sichuan Silence researcher Guan Tianfeng, also known as GbigMao, who identified and leveraged the zero-day to compromise nearly 81,000 firewalls around the world, more than a quarter of which were in the U.S., according to the Treasury Department. Bounties of up to $10 million have already been offered by the State Department's Rewards for Justice Program for any information regarding Sichuan Silence or Guan, who was also indicted by the Justice Department. Such developments have been welcomed by Sophos Chief Information Security Officer Ross McKerchar. "This is a positive step towards disrupting these attackers' operation," McKerchar said.
