US officials have disrupted another China-backed botnet, freeing hundreds of thousands of infected devices from its control, according to FBI Director Christopher Wray.
He made the announcement on Wednesday during his keynote speech at a cyber summit in Washington, D.C.
According to him, the malware infected a wide range of consumer devices, including routers, cameras, digital video recorders and network-attached storage devices, which together formed the botnet.
He stated that the botnet was run by the Chinese government-sponsored hacking group Flax Typhoon, which utilised it to target key infrastructure in the United States and elsewhere, as well as public and commercial entities, universities, and the media.
A botnet is a collection of computers hijacked by hackers via malware, and in this case consisted of hundreds of thousands of Internet-connected devices from routers to cameras, digital video recorders and storage devices that the hackers used to “compromise systems and exfiltrate confidential data,” he said.
The network of infected devices was dismantled by federal authorities last week, with the Justice Department on Wednesday explaining in a statement that more than 200,000 infected devices, constituting more than half of the botnet, were located in the United States.
According to the Justice Department, these devices gave the hackers the ability to conduct malicious cyberactivity under the guise of routine Internet traffic.
Authorities said that during the takedown operation, Chinese hackers attempted to intervene but failed.
Wray also stated publicly for the first time that Flax Typhoon operates under the guise of a legitimate information security company known as the Integrity Technology Group, which is based in Beijing.
According to Microsoft, “Flax Typhoon” has been active since mid-2021 and has targeted hundreds of Taiwanese government entities, most likely with the intention of spying on them.
According to the Justice Department, the company developed a web application that allowed its customers to log in and control specific infected victim machines, including through a menu of malicious cyber commands offered by a program known as “vulnerability-arsenal.”
According to Wray, the company’s chairman has openly claimed that they have been collecting intelligence and conducting reconnaissance for Chinese government security services for years.