FBI penetrates second Chinese hacking group “Flax Typhoon”

Federal Bureau of Investigation (FBI) Director Christopher Wray announced on Wednesday that United States law enforcement agencies have successfully dismantled a second Chinese hacker organization, known as “Flax Typhoon”.

According to Wray, this organization, under the direction of the Chinese Communist Party (CCP), infiltrated critical infrastructure in the United States and other countries, monitoring and stealing information from universities, government agencies, and other institutions. The FBI has recovered thousands of devices compromised by this organization, with half of the hijacked devices located in the United States.

In this operation, hackers hijacked small-office and home routers owned by private individuals and companies in the United States to cover their tracks when planting malicious software. Their ultimate goal was to infiltrate water treatment facilities, power grids, and transportation systems across the United States.

Reuters reported on Wednesday that Wray, speaking at the Aspen Cyber Summit in Washington, stated that “Flax Typhoon” is operated by a Chinese company called Integrity Technology Group, which poses as an IT company while “collecting intelligence and conducting reconnaissance for the Chinese (CCP) security apparatus”.

The hacking activities of “Flax Typhoon” involve installing malicious software on thousands of internet-connected devices, including cameras, recorders, and home and office routers, to create a massive botnet, that is, a network of infected computers.

Wray stressed, “The actions of ‘Flax Typhoon’ have caused real harm to the victims who must invest valuable time to clean up this mess upon discovering the malicious software.”

Last year, the FBI identified the first Chinese hacker organization, known as “Volt Typhoon”, which focused on establishing a foothold in critical infrastructure in the United States for cyber disruption.

US officials have described “Volt Typhoon” as a CCP-backed organization, while the CCP claims it is a group selling ransomware.

Wray stated that the operation against “Flax Typhoon” commenced last week, saying, “This is part of our ongoing efforts to take down China’s zombie networks.” He added that, like “Volt Typhoon”, “Flax Typhoon” also targeted critical infrastructure.

Wray pledged that the FBI will continue to combat Chinese hackers, noting that the action against “Flax Typhoon” is just “a round in a longer fight”, and that “the Chinese (CCP) government will continue to target your organizations and our critical infrastructure, either directly or through proxies. We will continue to work with our partners to identify their malicious activities, dismantle their hacking operations, and bring them to justice.”