新闻来源:www.abcnews.go.com
原文地址:Justice Department disrupts vast Chinese hacking operation that infected consumer devices
新闻日期:2024-09-18
美国联邦调查局(FBI)昨日宣布,已打断一个中国政府指挥的黑客团队「Flax Typhoon」的活动,该团队针对的目标包括大学、政府机构和其他组织。
该黑客团队在超过20万台消费设备上安装了恶意软件,这些设备包括摄像头、视频录像机和家庭及办公室路由器,形成了庞大的「僵尸网络」。这一「僵尸网络」用于实施网络犯罪,如窃取敏感信息。
FBI局长克里斯·韦瑞说:「Flax Typhoon的活动给受害者带来了实际损害,他们需要花费宝贵时间清理问题。」
美国司法部和FBI未透露具体目标名称,但称包括大学、政府机构、通讯服务商、媒体组织及非政府组织。
美国联邦调查局局长克里斯·韦瑞警告:「中国政府将继续攻击我们的组织和关键基础设施,我们将会与合作伙伴一起,识别他们的恶意活动、打断他们的黑客行动,并将这些信息公之于众。」
「Flax Typhoon」在2023年8月被微软报告提及,该团队已经开始针对台湾机构及其他国家的政府机构。
韦瑞局长昨日透露,此次是今年第二次对中国黑客团队的打断行动,此前一次是在他在国会会议上披露的「Volt Typhoon」活动。
原文摘要:
The FBI has disrupted a group of hackers working at the direction of the Chinese government who targeted universities, government agencies and other organizations, Director Chris Wray said Wednesday.
The hacking campaign known as Flax Typhoon installed malicious software on more than 200,000 consumer devices, including cameras, video recorders and home and office routers, to create a massive botnet — a network of infected computers. The botnet was used to facilitate cyber crimes, such as the theft of sensitive information from victims’ networks.
“Flax Typhoon’s actions caused real harm to its victims, who had to devote precious time to clean up the mess when they discovered the malware,” Wray said at the Aspen Cyber Summit.
Speaking at the same conference, Deputy Attorney General Lisa Monaco said the average citizen should care because the case involves “criminal activity, disruptive activity going on in potentially their devices. And, and it is part of a broader ecosystem that malicious cyber actors are using.”
The FBI and Justice Department, which obtained a warrant to seize the botnet’s infrastructure, did not identify any of the targets by name but said they included universities, government agencies, telecommunications providers, media organizations and nongovernmental organizations. Half of the hijacked devices were located in the U.S., Wray said.
“This was another successful disruption, but make no mistake — it’s just one round in a much longer fight,” Wray said. “The Chinese government is going to continue to target your organizations and our critical infrastructure, either by their own hand or concealed through their proxies, and we’ll continue to work with our partners to identify their malicious activity, disrupt their hacking campaigns, and bring them to light.”
Flax Typhoon was described in a Microsoft report in August 2023 that said the group had stepped up its targeting of Taiwanese organizations as well as government agencies in other countries.
The disruption was revealed nine months after Wray disclosed to Congress a separate takedown of a Chinese state-sponsored hacking group known as Volt Typhoon, in which U.S.-based small office and home routers owned by private citizens and companies were hijacked by hackers to cover their tracks as they sowed the malware. Their ultimate targets included water treatment plants, the electrical grid and transportation systems across the U.S.
