Flax Typhoon targeted critical infrastructure in the U.S. and abroad and compromised hundreds of thousands of devices, the FBI director said.
The post FBI joint operation takes down massive Chinese botnet, Wray says appeared first on CyberScoop.
The FBI conducted a joint operation last week to take down a massive Chinese state-sponsored botnet that the attackers used to compromise hundreds of thousands of devices, target U.S. and overseas critical infrastructure and steal data, Director Chris Wray said Wednesday.
The group behind the botnet, Flax Typhoon, hijacked routers and Internet of Things devices like cameras, video recorders and storage devices, Wray said at the Aspen Cyber Summit — a step beyond the much-hyped operations of fellow Chinese hackers Volt Typhoon that had focused on routers. The targets included corporations, media organizations, universities and government agencies.
“Flax Typhoon’s actions caused real harm to its victims,” he said. “Working in collaboration with our partners, we executed court-authorized operations to take control of the botnet’s infrastructure.
“And when the bad guys realized what was happening, they tried to migrate their bots to new servers, and even conducted a DDoS attack against us,” Wray continued, referring to distributed denial of service attacks. “Working with our partners, we were able to not only mitigate their attack, but also identify their new infrastructure in just a matter of hours. At that point, as we began pivoting to their new servers, these guys finally realized it was the FBI and our partners that we were up against, and with that realization, they essentially burned down their new infrastructure and abandoned their” salvation efforts.
The FBI joint operation identified thousands of infected devices, allowing it to remove malware from them, “prying them from China’s grip,” he said.
The people behind the attack, according to Wray, “represent themselves as an information security company, the Integrity Technology Group, but their chairman has publicly admitted that for years his company has collected intelligence and performed reconnaissance for Chinese government security agencies.”
Despite the success, Wray said “it is just round one of a much longer fight.”
This story will be updated.
Source: CyberScoop
Source Link: https://cyberscoop.com/fbi-operation-china-botnet-flax-typhoon/