Hacking group dubbed Flax Typhoon run by Chinese company posing at IT firm, Wray says
The FBI has disrupted a second Chinese hacking group, recovering thousands of compromised devices in what FBI Director Christopher described Wednesday as "just one round in a much longer fight."
Wray spoke at the Aspen Cyber Summit in Washington and said the Chinese hacking group, dubbed "Flax Typhoon," was being run by a Chinese company called Integrity Technology Group.
The company, Wray said, "collected intelligence and performed reconnaissance for Chinese government security agencies" while posing as an IT firm.
Wray said Flax Typhoon had routed malicious traffic through a network of hijacked devices called a "a botnet." In this case, the devices included cameras and digital storage devices that Wray said are typically found across big and small organizations. He said half of the compromised devices were located in the U.S.
FBI INVESTIGATION OF TRUMP ASSASSINATION ATTEMPT INVOLVES ‘FULL FORCE’ OF THE DEPARTMENT, WRAY SAYS
Wray said the hacking group was sponsored by the Chinese government. (Kevin Dietsch/Getty Images, File)
As an FBI Cyber Action Team tried to gain control over the botnet, the hackers launched a DDOS cyberattack before abandoning the botnet, according to Wray.
Wray said Flax Typhoon operates similarly to a previous hacking group known as "Volt Typhoon," which was first identified last year and has been an ongoing concern.
The hacking group launched a DDOS cyberattack on the FBI as agents tried to take control of the botnet, Wray said. The group eventually abandoned the botnet. (iStock)
Wray said in April that Volt Typhoon has embedded itself successfully in several American critical infrastructure companies that include telecommunications, energy and water, and others.
FBI MANHUNT FOR BID LADEN DEPUTY PUTS HEAT ON AL QAEDA'S NEXT GENERATION OF TERRORISTS
Microsoft and Google security experts have previously linked the Volt Typhoon hackers to China and Wray said the effort is connected to U.S.-Chinese tensions around Taiwan.
A Chinese Ministry of Foreign Affairs spokesperson said earlier this year that Volt Typhoon is part of a criminal ramsonware group and is not related to the government.
Wray said that dealing with the Chinese hacking groups remains an ongoing priority for the FBI.
"The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies," Wray said.
Fox News Digital’s Brie Stimson contributed to this report.