Tuesday, May 13, 2025
No Result
View All Result
The AZB More Than Just News
  • HOME
  • Latest News
  • Business
  • PAKISTAN
  • SPORTS
  • WORLD
  • E-Paper
  • SCI-TECH
  • BANKING
  • ARTICLES
  • OPINION
  • MORE
    • MOBILE
    • TELECOM
    • PERSONALITY
    • HEALTH / EDUCATION
  • HOME
  • Latest News
  • Business
  • PAKISTAN
  • SPORTS
  • WORLD
  • E-Paper
  • SCI-TECH
  • BANKING
  • ARTICLES
  • OPINION
  • MORE
    • MOBILE
    • TELECOM
    • PERSONALITY
    • HEALTH / EDUCATION
No Result
View All Result
Daily The Azb
No Result
View All Result
Home ARTICLES

Court-Authorised Operation Disrupts Worldwide Botnet Used by People’s Republic of China State-Sponsored Hackers.

News Desk
September 19, 2024
Court-Authorised Operation Disrupts Worldwide Botnet Used by People’s Republic of China State-Sponsored Hackers.
Share on FacebookShare on Twitter

Actors Unsuccessfully Sought to Prevent FBI’s Disruption of Botnet.

Washington DC : The Justice Department today announced a court-authorized law enforcement operation that disrupted a botnet consisting of more than 200,000 consumer devices in the United States and worldwide. As described in court documents unsealed in the Western District of Pennsylvania, the botnet devices were infected by People’s Republic of China (PRC) state-sponsored hackers working for Integrity Technology Group, a company based in Beijing, and known to the private sector as “Flax Typhoon.”

The botnet malware infected numerous types of consumer devices, including small-office/home-office (SOHO) routers, internet protocol (IP) cameras, digital video recorders (DVRs), and network-attached storage (NAS) devices. The malware connected these thousands of infected devices into a botnet, controlled by Integrity Technology Group, which was used to conduct malicious cyber activity disguised as routine internet traffic from the infected consumer devices. The court-authorized operation took control of the hackers’ computer infrastructure and, among other steps, sent disabling commands through that infrastructure to the malware on the infected devices. During the course of the operation, there was an attempt to interfere with the FBI’s remediation efforts through a distributed denial-of-service (DDoS) attack targeting the operational infrastructure that the FBI was utilizing to effectuate the court’s orders. That attack was ultimately unsuccessful in preventing the FBI’s disruption of the botnet.

“The Justice Department is zeroing in on the Chinese government backed hacking groups that target the devices of innocent Americans and pose a serious threat to our national security,” said Attorney General Merrick B. Garland. “As we did earlier this year, the Justice Department has again destroyed a botnet used by PRC-backed hackers to infiltrate consumer devices here in the United States and around the world. We will continue to aggressively counter the threat that China’s state- sponsored hacking groups pose to the American people.”

“Our takedown of this state-sponsored botnet reflects the Department’s all-tools approach to disrupting cyber criminals. This network, managed by a PRC government contractor, hijacked hundreds of thousands of private routers, cameras, and other consumer devices to create a malicious system for the PRC to exploit,” said Deputy Attorney General Lisa Monaco. “Today should serve as a warning to cybercriminals preying on Americans – if you continue to come for us, we will come for you.”

“This dynamic operation demonstrates, once again, the Justice Department’s resolve in countering the threats posed by PRC state-sponsored hackers,” said Assistant Attorney General Matthew G. Olsen of the National Security Division. “For the second time this year, we have disrupted a botnet used by PRC proxies to conceal their efforts to hack into networks in the U.S. and around the world to steal information and hold our infrastructure at risk. Our message to these hackers is clear: if you build it, we will bust it.”

“The disruption of this worldwide botnet is part of the FBI’s commitment to using technical operations to help protect victims, expose publicly the scope of these criminal hacking campaigns, and to use the adversary’s tools against them to remove malicious infrastructure from the virtual battlefield,” said FBI Deputy Director Paul Abbate. “The FBI’s unique legal authorities allowed it to lead an international operation with partners that collectively disconnected this botnet from its China-based hackers at Integrity Technology Group.”

“The targeted hacking of hundreds of thousands of innocent victims in the United States and around the world shows the breadth and aggressiveness of PRC state-sponsored hackers,” said U.S. Attorney Eric G. Olshan for the Western District of Pennsylvania. “This court-authorized operation disrupted a sophisticated botnet designed to steal sensitive information and launch disruptive cyber attacks. We will continue to work with our partners inside and outside government, using every tool at our disposal, to defend and maintain global cybersecurity.”

“The FBI’s investigation revealed that a publicly-traded, China-based company is openly selling its customers the ability to hack into and control thousands of consumer devices worldwide. This operation sends a clear message to the PRC that the United States will not tolerate this shameless criminal conduct,” said Special Agent in Charge Stacey Moy of the FBI San Diego Field Office.

According to the court documents, the botnet was developed and controlled by Integrity Technology Group, a publicly-traded company headquartered in Beijing. The company built an online application allowing its customers to log in and control specified infected victim devices, including with a menu of malicious cyber commands using a tool called “vulnerability-arsenal.” The online application was prominently labelled “KRLab,” one of the main public brands used by Integrity Technology Group.

The FBI assesses that Integrity Technology Group, in addition to developing and controlling the botnet, is responsible for computer intrusion activities attributed to China-based hackers known by the private sector as “Flax Typhoon.” Microsoft Threat Intelligence described Flax Typhoon as nation-state actors based out of China, active since 2021, who have targeted government agencies and education, critical manufacturing, and information technology organizations in Taiwan, and elsewhere. The FBI’s investigation has corroborated Microsoft’s conclusions, finding that Flax Typhoon has successfully attacked multiple U.S. and foreign corporations, universities, government agencies, telecommunications providers, and media organizations.

A cybersecurity advisory describing Integrity Technology Group tactics, techniques and procedures was also published today by the FBI, the National Security Agency, U.S. Cyber Command’s Cyber National Mission Force, and partner agencies in Australia, Canada, New Zealand and the United Kingdom. 

The government’s malware disabling commands, which interacted with the malware’s native functionality, were extensively tested prior to the operation. As expected, the operation did not affect the legitimate functions of, or collect content information from, the infected devices. The FBI is providing notice to U.S. owners of devices that were affected by this court-authorized operation. The FBI is contacting those victims through their internet service provider, who will provide notice to their customers.

The FBI’s San Diego Field Office and Cyber Division, the U.S. Attorney’s Office for the Western District of Pennsylvania, and the National Security Cyber Section of the Justice Department’s National Security Division led the domestic disruption effort. Assistance was also provided by the Criminal Division’s Computer Crime and Intellectual Property Section. These efforts would not have been successful without the collaboration of partners, including French authorities, and Lumen Technologies’ threat intelligence group, Black Lotus Labs, which first identified and described this botnet, which it named Raptor Train, in July 2023.

If you believe you have a compromised computer or device, please visit the FBI’s Internet Crime Complaint Center (IC3) or report online to CISA. You may also contact your local FBI field office directly.

The FBI continues to investigate Integrity Technology Group’s and Flax Typhoon’s computer intrusion activities.

News Desk

News Desk

Welcome to our web desk! We're a dedicated team of digital enthusiasts passionate about delivering timely and engaging content to our online audience.

Related Posts

Termez platform – dialogue for ensuring security and stability in Central and South Asia
ARTICLES

Termez platform – dialogue for ensuring security and stability in Central and South Asia

May 12, 2025
Pakistan’s Strategic Supremacy and the Myth of Chinese Dominance: A Reassessment of the May 2025 India-Pakistan Conflict
ARTICLES

Pakistan’s Strategic Supremacy and the Myth of Chinese Dominance: A Reassessment of the May 2025 India-Pakistan Conflict

May 12, 2025
A guide to Dubai’s stunning beaches
ARTICLES

A guide to Dubai’s stunning beaches

May 12, 2025
Kaukab Iqbal During The visit Samir Mir Sheikh house I found in His house Parking his car
Business

Kaukab Iqbal During The visit Samir Mir Sheikh house I found in His house Parking his car

May 12, 2025
Kaukab Iqbal met with Dearest Friend Like Brother Samir Mir Sheikh
Business

Kaukab Iqbal met with Dearest Friend Like Brother Samir Mir Sheikh

May 11, 2025
How President Trump and Secretary Rubio brought 
Headline

How President Trump and Secretary Rubio brought 

May 10, 2025
Man Sentenced to Over 30 Years in Prison for Crypto-Terror Financing Scheme
Headline

Man Sentenced to Over 30 Years in Prison for Crypto-Terror Financing Scheme

May 9, 2025
Dr. Gholam Mujtaba, met Indian American Leaders?Chairman, Pakistan Policy Institute USA | Senior Republican Leader
Headline

Dr. Gholam Mujtaba, met Indian American Leaders?Chairman, Pakistan Policy Institute USA | Senior Republican Leader

May 7, 2025
Legal Aid Society of Pakistan Receives 2025 Community Champion Award from Street Law, Inc.
Business

Legal Aid Society of Pakistan Receives 2025 Community Champion Award from Street Law, Inc.

May 6, 2025
Clean Energy Shift Meets Resistance
ARTICLES

Clean Energy Shift Meets Resistance

May 5, 2025
Next Post
EFU Life launches Aasaan Product Range.

EFU Life launches Aasaan Product Range.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *


Most Popular

Sajal Malik Video Leak Sparks Controversy as Fans and Critics Debate

Zarnab Shastri’s Private Videos Leaked Amid Manahil Malik’s Controversy

Another leak: TikToker Somal Mohsin’s private videos go viral

Another obscene video of Minahil Malik goes viral

Torino Comics Honors Akira Toriyama, Creator of Dragon Ball and Dr. Slump

Must Read

TPL Trakker’s
SCI-TECH

TPL Trakker’s Location Based Services to Bykea’s App.

August 12, 2020
Discover Nujuma: A Ritz-Carlton Reserve in Saudi’s Red Sea.
WORLD

Discover Nujuma: A Ritz-Carlton Reserve in Saudi’s Red Sea.

June 7, 2024
The Azb is a 24/7 online news platform that covers a wide range of topics including business, economics, technology, finance, travel, fashion, and lifestyle.

Quick Links

  • Home
  • About us
  • SCI-TECH
  • Live TV
  • Banking

Useful Links

  • Videos
  • Reviews
  • Advertorial
  • Photos
  • About us
  • Author
  • Home
  • Latest News
  • Partner
  • Privacy Policy
  • Russian Theatre Group Celebrates Fifth Anniversary in Pakistan.
  • Terms and Conditions
  • The Azb – More Than Just News
  • Contact

© Copyright 2024 theazb. All Rights Reserved.

No Result
View All Result
  • HOME
  • Latest News
  • Business
  • PAKISTAN
  • SPORTS
  • WORLD
  • E-Paper
  • SCI-TECH
  • BANKING
  • ARTICLES
  • OPINION
  • MORE
    • MOBILE
    • TELECOM
    • PERSONALITY
    • HEALTH / EDUCATION

© Copyright 2024 theazb. All Rights Reserved.