The FBI, led by Director Chris Wray, has thwarted a group of Chinese hackers who were acting under the direction of the Chinese government. The hackers’ goal was to breach critical infrastructure in the United States and other nations, as well as to conduct espionage and steal information from universities, government entities, and various organizations. Known as Flax Typhoon, the hacking campaign involved installing malicious software on numerous internet-connected devices, such as cameras, video recorders, and home and office routers, to form a significant botnet.
During the Aspen Cyber Summit, Wray highlighted that the actions of Flax Typhoon had inflicted tangible damage on victims who were forced to allocate valuable resources and time to address the aftermath of the discovered malware. Although specific targets were not disclosed, it was mentioned that universities, government bodies, telecommunications companies, media outlets, and non-governmental organizations were among them. According to Wray, half of the compromised devices were situated in the United States.
Wray emphasized that while the disruption of Flax Typhoon was a successful endeavor, it is just a single triumph in an ongoing battle. The FBI, in collaboration with other agencies, obtained a warrant to seize the botnet’s infrastructure. Wray warned that the Chinese government would persist in targeting critical infrastructure and organizations, either directly or covertly through proxies. The objective remains to pinpoint malicious activities, disrupt hacking operations, and expose wrongdoing carried out by these threat actors.
In a report by Microsoft from August 2023, Flax Typhoon was identified as intensifying its focus on Taiwanese entities and government institutions worldwide. Notably, this action follows Wray’s earlier revelation to Congress about the dismantling of a separate Chinese state-sponsored hacking group called Volt Typhoon. This particular group utilized U.S.-based home and office routers owned by individuals and companies to obscure their activities as they introduced malware. The end goal of Volt Typhoon included targeting critical systems like water treatment facilities, the electricity grid, and transportation networks throughout the United States.