Summary: The FBI has successfully taken control of a botnet operated by the Chinese state-backed hacking group Flax Typhoon, which targeted critical infrastructure in the US and abroad. The botnet, made up of numerous infected consumer devices, was used for cyber espionage and disruptive attacks.
Threat Actor: Flax Typhoon
Key Points:
- The botnet targeted a wide range of entities, including corporations, media organizations, universities, and government agencies.
- Infection vectors included SOHO routers, IP cameras, DVRs, and NAS devices, enabling extensive cyber espionage and DDoS attacks.
- The FBI’s operation was conducted with court authorization, allowing it to send disabling commands to the compromised infrastructure.
Original Source: https://www.justice.gov/opa/pr/court-authorized-operation-disrupts-worldwide-botnet-used-peoples-republic-china-state
Cyber Law and Cybercrime Investigation Blog: Immuniweb