US FBI disrupts second Chinese hacking group, director says

FILE PHOTO: FBI Director Christopher Wray speaks during a meeting of the Department of Justice’s Election Threats Task Force at the Justice Department in Washington, U.S., September 4, 2024. REUTERS/Annabelle Gordon/File Photo

WASHINGTON (Reuters) -U.S. law enforcement has disrupted a second major Chinese hacking group nicknamed “Flax Typhoon” and wrested thousands of compromised devices from its grasp, FBI Director Christopher Wray said on Wednesday.

Wray, at a cybersecurity conference in Washington, said Flax Typhoon was being run by a Chinese company called the Integrity Technology Group that posed as an IT firm but also “collected intelligence and performed reconnaissance for Chinese government security agencies.”

In an advisory also made public Wednesday, British, Canadian, Australian and New Zealand cyber officials also accused the Integrity Technology Group of being behind the malicious cyber operation and said that, as of June, it had compromised more than 250,000 devices around the world.

In a statement, the Chinese Embassy in Washington accused U.S. authorities of having “jumped to an unwarranted conclusion and made groundless accusations against China,” claiming that Beijing cracks down on “all forms of cyberattacks.”

A previously known hacking group dubbed “Volt Typhoon” has been the subject of increasing concern by Western officials since it was first identified last year as cyber sabotage group focused on establishing a foothold in critical U.S. infrastructure.

U.S. officials have said it is a China-backed group, while Beijing has said it is a ransomware gang.

Wray said the operation against Flax Typhoon took place last week “as part of our ongoing efforts to take China’s botnets offline.” Like Volt Typhoon, he said that Flax Typhoon was targeting critical infrastructure, but also corporations, media organizations, universities, and government agencies.

To help camouflage their operations, Flax Typhoon routed their malicious traffic through something called “a botnet,” a network of hijacked devices that in this case included cameras and digital storage devices, Wray said.

When the FBI tried to take control of the botnet’s infrastructure, the hackers responded with a cyberattack before abandoning the fight, he said.

Wray warned that the FBI would continue to clash with China’s hackers.

The action against Flax Typhoon was “just one round in a much longer fight,” he said.

(Reporting by Raphael Satter; editing by Susan Heavey, Philippa Fletcher and David Gregorio)

 

Related Post

This website uses cookies.