• Search
  • Tracker
  • Features
  • FAQ
  • Insights
  • About Us
  • Support Us
  1. Search
  2. Results
  3. Personal Information
Individual

Last Updated: June 30, 2026

  1. Search
  2. Results
  3. Personal Information

Last Updated: June 30, 2026

Individual

Tianfeng GUAN

Nationality

China

Date of birth

1994-01-07

Place of birth

Jiangcheng District, Yangjiang Municipality, Guangdong Province, China

Sex

Male

Address

Chengdu City High-Tech Zone, Tianfu Avenue North Section, Annex 18, Number 5, Chengdu, Sichuan, China

Reg. ID

441702199401071411, National ID No.

Function

Other

Official reason

Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) is sanctioning cybersecurity company Sichuan Silence Information Technology Company, Limited (Sichuan Silence), and one of its employees, Guan Tianfeng (Guan), both based in People’s Republic of China (PRC), for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide. Many of the victims were U.S. critical infrastructure companies. Guan Tianfeng discovered a zero-day exploit in a firewall product. A zero-day exploit is a previously unknown vulnerability in a computer software or hardware product that can be used in a cyberattack. Between April 22 and 25, 2020, Guan Tianfeng used this zero-day exploit to deploy malware to approximately 81,000 firewalls owned by thousands of businesses worldwide. The purpose of the exploit was to use the compromised firewalls to steal data, including usernames and passwords. However, Guan also attempted to infect the victims’ systems with the Ragnarok ransomware variant. This ransomware disables anti-virus software and encrypts the computers on a victim’s network if they attempt to remedy the compromise. Guan is a Chinese national and was a security researcher at Sichuan Silence at the time of the compromise. Guan competed on behalf of Sichuan Silence in cybersecurity tournaments and posted recently discovered zero-day exploits on vulnerability and exploit forums, including under his moniker GbigMao. Guan was responsible for the April 2020 firewall compromise. OFAC is designating Sichuan Silence and Guan pursuant to Executive Order (E.O.) 13694, as amended by E.O. 13757, for being responsible for or complicit in, or having engaged in, directly or indirectly cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States that are reasonably likely to result in, or have materially contributed to, a significant threat to the national security, foreign policy, or economic health or financial stability of the United States and that have the purpose or effect of harming, or otherwise significantly compromising the provision of services by, a computer or network of computers that support one or more entities in a critical infrastructure sector.

Sender

US

Other Information

https://home.treasury.gov/news/press-releases/jy2742

Date of listing

2024-12-10

Program information

Program information

Authority

US

Program

Executive Order 13694 Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities; Executive Order 13757 Taking Additional Steps to Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities

Regime

OFAC-horizontal

Target State

Cyber-attacks

Measures

Blocking Property, Suspending Entry

Sanctions Portfolio

• https://ofac.treasury.gov/faqs/topic/1546

Official Information

On December 31, 2015, OFAC issued the Cyber-Related Sanctions Regulations, 31 CFR part 578 (80 FR 81752, December 31, 2015) (the “Regulations”) to implement Executive Order (E.O.) 13694 of April 1, 2015, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities” (80 FR 18077, April 2, 2015), pursuant to authorities delegated to the Secretary of the Treasury in E.O. 13694. The Regulations were initially issued in abbreviated form for the purpose of providing immediate guidance to the public. OFAC is revising the Regulations to further implement E.O. 13694, as amended by E.O. 13757 of December 28, 2016, “Taking Additional Steps to Address the National Emergency With Respect to Significant Malicious Cyber-Enabled Activities” (82 FR 1, January 3, 2017), as well as certain provisions of title II of the Countering America's Adversaries Through Sanctions Act (Pub. L. 115–44, 131 Stat. 886 (codified in scattered sections of 22 U.S.C.)) (CAATSA). OFAC is amending and reissuing the Regulations as a more comprehensive set of regulations that includes additional interpretive guidance and definitions, general licenses, and other regulatory provisions that will provide further guidance to the public. Due to the number of regulatory sections being updated or added, OFAC is reissuing the Regulations in their entirety. E.O. 13694, as Amended by E.O. 13757. On April 1, 2015, the President, invoking the authority of, inter alia, the International Emergency Economic Powers Act (50 U.S.C. 1701 et seq.) (IEEPA), issued E.O. 13694. In E.O. 13694, the President determined that the increasing prevalence and severity of malicious cyber-enabled activities originating from, or directed by persons located, in whole or in substantial part, outside the United States constitute an unusual and extraordinary threat to the national security, foreign policy, and economy of the United States, and declared a national emergency to deal with that threat. On December 28, 2016, the President issued E.O. 13757 to take additional steps to deal with the national emergency with respect to significant malicious cyber-enabled activities declared in E.O. 13694. E.O. 13757 added an Annex to E.O. 13694 and amended section 1 of E.O. 13694 by replacing section 1(a) in its entirety.

Additional Details

SDN

Program URL

  • https://www.federalregister.gov/documents/2022/09/06/2022-19138/cyber-related-sanctions-regulations

Have feedback, suggestions or need help navigating sanctions? Let's talk.

Let's discuss how Sanctions Finder can support you or your business or organization.

Product

  • Search
  • Sanctions Tracker
  • Platform Features

Company

  • About Sanctions Finder
  • Insights

Support

  • FAQ
  • Contact Us

Legal

  • Terms of Use
  • Privacy Policy
XLinkedInContact Us

© 2026 Sanctions Finder