FBI Thwarts Major Chinese-Linked Botnet Threatening US Infrastructure

The FBI has dismantled a botnet, dubbed Flax Typhoon, used by Chinese-linked hackers to target US infrastructure. FBI Director Christopher Wray disclosed the disruption at a Washington cyber summit. The group operated under the fake firm Integrity Technology Group, compromising numerous devices nationwide.


Devdiscourse News Desk | Updated: 19-09-2024 16:58 IST | Created: 19-09-2024 16:58 IST
Country: United States

The United States has successfully disrupted a botnet campaign, known as Flax Typhoon, orchestrated by hackers linked to China. The announcement was made by FBI Director Christopher Wray during a cyber summit in Washington, according to Voice of America.

Wray described the campaign as part of a broader effort by Beijing to infiltrate American infrastructure using Internet-of-Things devices, including cameras and storage units. Approximately half of these compromised devices were located in the US, Wray said.

The hackers operated under the facade of an information security company named Integrity Technology Group, gathering data from various sectors. "They leveraged hundreds of thousands of devices to create a botnet that compromised systems and extracted confidential data," Wray stated.

The disruption occurred last week after the FBI, in collaboration with international allies, took control of the botnet and outmaneuvered the hackers as they attempted to switch to a backup system. "Realizing it was the FBI, the perpetrators dismantled their new infrastructure," Wray added.

Wray highlighted that Flax Typhoon's methods mirrored those of another Chinese-linked group, Volt Typhoon, identified by Microsoft last year for disrupting communications infrastructure in Guam. The Chinese embassy in the US has denied these accusations, calling them unfounded and asserting that the US is the primary source of global cyberattacks.

Following the FBI's announcement, the US National Security Agency (NSA) issued an advisory for affected users to install security patches, noting that Flax Typhoon had compromised over 260,000 devices worldwide as of June.

(With inputs from agencies.)
