A hacker group known as Flax Typhoon was able to infect hundreds of thousands of devices around the world, authorities said. China has denied any involvement in the malicious botnet.
The FBI said on Wednesday that it had disrupted a Chinese hacking group nicknamed “Flax Typhoon” that targeted critical infrastructure in the United States.
The Flax Typhoon hackers installed malicious software on thousands of computers and other internet-connected devices including cameras, video recorders and routers.
This created a botnet — a massive network of infected computers.
Universities, government agencies, telecommunications providers, media organizations and NGOs were among the targets, the FBI said.
“Flax Typhoon’s actions caused real harm to its victims, who had to devote precious time to clean up the mess when they discovered the malware,” said FBI director Chris Wray.
China blamed for botnet
Wray said Flax Typhoon was being run by a Chinese company called the Integrity Technology Group, which posed as an IT firm but also “collected intelligence and performed reconnaissance for the Chinese government and security agencies.”
In a separate advisory on Wednesday, Australian, British and Canadian law enforcement also accused the Integrity Technology Group of being behind the botnet, which they said had compromised more than 250,000 devices around the world.
“This was another successful disruption, but make no mistake — it’s just one round in a much longer fight,” Wray said.
“The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies, and we’ll continue to work with our partners to identify their malicious activity, disrupt their hacking campaigns, and bring them to light.”
The Chinese embassy in Washington denied the accusations and said Beijing cracks down “all forms of cyberattacks.”
It accused US authorities of having “jumped to an unwarranted conclusion and made groundless accusations against China.”