FBI Director Wray says bureau stopped second Chinese hacking group

FBI Director Christopher Wray said the agency's Cyber Action Team disrupted a second Chinese hacking group that had infiltrated thousands of devices.

Sep 18, 2024 - 14:00
FBI Director Wray says bureau stopped second Chinese hacking group

The FBI has disrupted a second Chinese hacking group, recovering thousands of compromised devices in what FBI Director Christopher described Wednesday as "just one round in a much longer fight."

Wray spoke at the Aspen Cyber Summit in Washington and said the Chinese hacking group, dubbed "Flax Typhoon," was being run by a Chinese company called Integrity Technology Group.

The company, Wray said, "collected intelligence and performed reconnaissance for Chinese government security agencies" while posing as an IT firm. 

Wray said Flax Typhoon had routed malicious traffic through a network of hijacked devices called a "a botnet." In this case, the devices included cameras and digital storage devices that Wray said are typically found across big and small organizations. He said half of the compromised devices were located in the U.S.

FBI INVESTIGATION OF TRUMP ASSASSINATION ATTEMPT INVOLVES ‘FULL FORCE’ OF THE DEPARTMENT, WRAY SAYS

As an FBI Cyber Action Team tried to gain control over the botnet, the hackers launched a DDOS cyberattack before abandoning the botnet, according to Wray.

Wray said Flax Typhoon operates similarly to a previous hacking group known as "Volt Typhoon," which was first identified last year and has been an ongoing concern.

Wray said in April that Volt Typhoon has embedded itself successfully in several American critical infrastructure companies that include telecommunications, energy and water, and others.

FBI MANHUNT FOR BID LADEN DEPUTY PUTS HEAT ON AL QAEDA'S NEXT GENERATION OF TERRORISTS

Microsoft and Google security experts have previously linked the Volt Typhoon hackers to China and Wray said the effort is connected to U.S.-Chinese tensions around Taiwan. 

Chinese Ministry of Foreign Affairs spokesperson said earlier this year that Volt Typhoon is part of a criminal ramsonware group and is not related to the government. 

Wray said that dealing with the Chinese hacking groups remains an ongoing priority for the FBI.

"The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies," Wray said.

Fox News Digital’s Brie Stimson contributed to this report.