Top

US FBI disrupts second Chinese hacking group, director says

By Raphael Satter

WASHINGTON (Reuters) – U.S. law enforcement has disrupted a second major Chinese hacking group nicknamed “Flax Typhoon” and wrested thousands of compromised devices from its grasp, FBI Director Christopher Wray said on Wednesday.

Wray, at a cybersecurity conference in Washington, said Flax Typhoon was being run by a Chinese company called the Integrity Technology Group that posed as an IT firm but also “collected intelligence and performed reconnaissance for Chinese government security agencies.”

In an advisory also made public Wednesday, British, Canadian, Australian and New Zealand cyber officials also accused the Integrity Technology Group of being behind the malicious cyber operation and said that, as of June, it had compromised more than 250,000 devices around the world.

In a statement, the Chinese Embassy in Washington accused U.S. authorities of having “jumped to an unwarranted conclusion and made groundless accusations against China,” claiming that Beijing cracks down on “all forms of cyberattacks.”

A previously known hacking group dubbed “Volt Typhoon” has been the subject of increasing concern by Western officials since it was first identified last year as cyber sabotage group focused on establishing a foothold in critical U.S. infrastructure.

U.S. officials have said it is a China-backed group, while Beijing has said it is a ransomware gang.

Wray said the operation against Flax Typhoon took place last week “as part of our ongoing efforts to take China’s botnets offline.” Like Volt Typhoon, he said that Flax Typhoon was targeting critical infrastructure, but also corporations, media organizations, universities, and government agencies.

To help camouflage their operations, Flax Typhoon routed their malicious traffic through something called “a botnet,” a network of hijacked devices that in this case included cameras and digital storage devices, Wray said.

When the FBI tried to take control of the botnet’s infrastructure, the hackers responded with a cyberattack before abandoning the fight, he said.

US FBI disrupts second Chinese hacking group, director says
FILE PHOTO: FBI headquarters building is seen in Washington, U.S., December 7, 2018. REUTERS/Yuri Gripas/File Photo

Wray warned that the FBI would continue to clash with China’s hackers.

The action against Flax Typhoon was “just one round in a much longer fight,” he said.