FBI Shuts Down Botnet Run by Beijing-Backed Hackers That Hijacked Over 200,000 Devices

U.S. authorities person dismantled a monolithic botnet tally by hackers backed by the Chinese government, according to a code fixed by FBI manager Christopher Wray connected Wednesday. The botnet malware infected a fig of antithetic types of internet-connected devices astir the world, including location routers, cameras, integer video recorders, and NAS drives. Those devices were utilized to assistance infiltrate delicate networks related to universities, authorities agencies, telecommunications providers, and media organizations.

Wray explained the cognition astatine the Aspen Digital league and said the hackers enactment for a Beijing-based institution called Integrity Technology Group, which is known to U.S. researchers arsenic Flax Typhoon. The botnet was launched successful mid-2021, according to the FBI, and infected astir 260,000 devices arsenic of June 2024.

The cognition to dismantle the botnet was coordinated by the FBI, the NSA, and the Cyber National Mission Force (CNMF), according to a property merchandise dated Wednesday. The U.S. Department of Justice received a tribunal bid to instrumentality power of the botnet infrastructure by sending disabling commands to the malware connected infected devices. The hackers tried to counterattack by hitting FBI infrastructure but were “ultimately unsuccessful,” according to the instrumentality enforcement agency.

About fractional of the devices hijacked were successful the U.S., according to Wray, but determination were besides devices identified arsenic compromised successful South America, Europe, Africa, Southeast Asia, and Australia. And the DOJ noted successful a property merchandise that authorities successful Australia, Canada, New Zealand, and the UK each helped instrumentality down the botnet.

Wray stressed that backstage manufacture moving with the FBI could assistance those companies prevention money, claiming that firms saved astir $800 cardinal successful ransomware payments successful conscionable 2 years by moving with the bureau aft getting hacked.

The DOJ property merchandise said that the cognition to instrumentality down the botnet “did not impact the morganatic functions of, oregon cod contented accusation from, the infected devices.” And the FBI said it would interaction the ISPs of anyone whose devices were utilized successful the botnet operation. The ISPs are the ones who are expected to notify the extremity users astir some the compromise from hackers and the FBI’s ain intrusion of their devices, the DOJ was speedy to enactment that was lone done with a tribunal order.

“The Justice Department is zeroing successful connected the Chinese authorities backed hacking groups that people the devices of guiltless Americans and airs a superior menace to our nationalist security,” Attorney General Merrick Garland said successful a connection connected Wednesday.

“As we did earlier this year, the Justice Department has again destroyed a botnet utilized by PRC-backed hackers to infiltrate user devices present successful the United States and astir the world,” Garland continued, utilizing the acronym for the People’s Republic of China. “We volition proceed to aggressively antagonistic the menace that China’s state-sponsored hacking groups airs to the American people.”