The United States Justice Department has announced that it had dismantled a major cyber attack network believed to be operated by hackers backed by the Chinese government. The network, which infected around 200,000 devices globally, is alleged to have been run by a Beijing-based group.
The malware targeted a variety of consumer electronics, including routers, cameras, digital video recorders, and network-attached storage devices, according to a statement from US authorities. This malicious network, commonly referred to as a “botnet,” was allegedly orchestrated by Chinese state-sponsored hackers employed by the Integrity Technology Group, a company linked to the cyber operation known as ‘Flax Typhoon.’
In a court-approved operation, US authorities successfully took control of the hackers’ infrastructure and disabled the botnet, effectively neutralising the threat.
Several nations, particularly the United States, have raised concerns in recent years about what they claim is Chinese government-backed hacking targeting sensitive sectors such as government agencies, the military, and private businesses. Beijing has consistently denied these allegations.
Earlier in the year, US officials revealed the dismantling of another hacking group, dubbed ‘Volt Typhoon,’ which targeted critical public infrastructure, including water treatment facilities and transport systems, allegedly on behalf of China.
‘Flax Typhoon,’ active since mid-2021, had also targeted numerous Taiwanese government agencies, with Microsoft suggesting the likely objective was espionage. The FBI’s investigation corroborated these findings, revealing that the botnet had successfully compromised a range of institutions, including corporations, universities, government bodies, telecommunications firms, and media outlets in the US and abroad.