An extensive botnet network run by a hacker organization supported by the Chinese government has been taken over by the FBI. Christopher Wray, the director of the FBI, and other US agencies claimed that the botnet network was made up of hundreds of thousands of hijacked internet-connected devices under the group’s control, including routers, cameras, storage units, and video recorders.
During the cybersecurity conference Aspen Cyber Summit, Wray stated that the hacking group known as Flax Typhoon was “targeting critical infrastructure across the US and overseas, everyone from corporations and media organizations to universities and government agencies.”
Botnet networks are made up of internet-connected devices that are controlled by bots. These devices can be exploited by hackers for spam campaigns, DDoS assaults, data theft, and unauthorized access to the devices and the networks they are connected to.
What the FBI director said about the botnet
Wray detailed what transpired after the government took over the botnet’s infrastructure and began extracting the malware from the infected devices.
He explained: “Working in collaboration with our partners, we executed court-authorized operations to take control of the botnet’s infrastructure. Now, when the bad guys realized what was happening, they tried to migrate their bots to new servers and even conducted a [distributed denial of service, or DDoS] attack against us.”
Additionally, a joint advisory from the FBI, NSA, and Cyber National Mission Force links the Chinese government to a botnet of 260,000 infected devices. The advisory disclosed that Chinese hackers were using the botnet to conceal their actions. The US government claims that Integrity Technology Group, a business purportedly acting on behalf of the Chinese government, was in charge of operating and controlling the bothet.
The report claims that the botnet used Mirai to penetrate susceptible internet-connected devices. This harmful software was made available to the public in 2016 after hackers used it to carry out a potent distributed denial-of-service (DDoS) attack.
The caution stated that a wide range of consumer internet-connected devices were the focus of the Flax Typhoon operation. Additionally, authorities found a database that contained “over 1.2 million records of compromised devices,” including more than 385,000 unique US
victim devices, both previously and currently exploited.
Chinese hacking groups attacking the US and Taiwan
Taiwan has been the target of hacking activity by the Chinese government’s Flax Typhoon squad, according to reports from Microsoft and cybersecurity organization ESET. In the meantime, Volt Typhoon, another Chinese outfit, has been attacking the United States.
Volt Typhoon struck US internet providers and vital infrastructure earlier this year, while Flax Typhoon breached Microsoft Exchange systems in Taiwan. The US government has halted Volt Typhoon’s operations and issued a warning about the possibility of damaging cyberattacks. Senior authorities have issued a warning over Beijing’s attempts to inflict “real-world harm” on Americans in the event that there is a future conflict with China.
Also read: Automation in Oil and Gas: Horizons and Expectations for the Next 5 Years
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
