FBI disrupts Chinese cyber operation targeting critical infrastructure in the U.S.

Image via AP.

The FBI has disrupted a group of Chinese hackers who were working at the direction of the Chinese government to infiltrate critical infrastructure in the U.S. and other countries and to spy on and steal data from universities, government agencies and others, Director Chris Wray said Wednesday.

The hacking campaign known as Flax Typhoon installed malicious software on thousands of internet-connected devices, including cameras, video recorders, and home and office routers, to create a massive botnet — a network of infected computers.

“Flax Typhoon’s actions caused real harm to its victims, who had to devote precious time to clean up the mess when they discovered the malware,” Wray said at the Aspen Cyber Summit.

The FBI and Justice Department, which obtained a warrant to seize the botnet’s infrastructure, did not identify any of the targets by name but said they included universities, government agencies, telecommunications providers, media organizations and nongovernmental organizations. Half of the hijacked devices were located in the U.S., Wray said.

“This was another successful disruption, but make no mistake — it’s just one round in a much longer fight,” Wray said. “The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies, and we’ll continue to work with our partners to identify their malicious activity, disrupt their hacking campaigns, and bring them to light.”

Flax Typhoon was described in a Microsoft report in August 2023 that said the group had stepped up its targeting of Taiwanese organizations as well as government agencies in other countries.

___

Republished with permission of The Associated Press.