FBI Leads Takedown of Chinese Botnet Impacting 200K Devices

Published : 23/11/2024   Category : security




Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.



The Justice Department today announced a court-authorized operation to disrupt a botnet affecting 200,000 devices in the United States and abroad.
According to unsealed documents, the botnet, known as Raptor Train, is operated by People's Republic of China (PRC) state-sponsored hackers working for a company based in Beijing. The company is known publicly as Integrity Technology Group, and in the private sector as the advanced persistent threat (APT) group Flax Typhoon.
A variety of connected and Internet of things (IoT) devices have been affected by the botnet malware, including small-office/home-office (SOHO) routers, Internet protocol cameras, digital video recorders, and network-attached storage (NAS) devices.
According to the Justice Department, the malware connected each of these affected devices to the botnet, which then conducted malicious cyberactivity disguised as routine Internet traffic.
Integrity Technology Group, which is responsible for the malicious activities conducted by Flax Typhoon hackers, developed and controlled the botnet. In the past, Flax Typhoon has targeted government agencies, critical manufacturing, and information technology organizations in Taiwan as well as other countries. It has also attacked US and foreign universities, corporations, government organizations, and media organizations, among others.
"The Justice Department is zeroing in on the Chinese government-backed hacking groups that target the devices of innocent Americans and pose a serious threat to our national security," said US Attorney General Merrick B. Garland. "As we did earlier this year, the Justice Department has again destroyed a botnet used by PRC-backed hackers to infiltrate consumer devices here in the United States and around the world. We will continue to aggressively counter the threat that China's state-sponsored hacking groups pose to the American people."
The takedown was a joint effort between the FBI, the US Attorney's Office for the Western District of Pennsylvania, and the National Security Cyber Section of the Justice Department's National Security Division, in collaboration with French authorities, Lumen Technologies, and Black Lotus Labs, the group that first identified the botnet.
Users who believe their device is compromised can contact an FBI field office directly, report online to CISA, or visit the FBI's Internet Crime Complaint Center (IC3).
