FBI Leads Takedown of Chinese Botnet Impacting 200K Devices
Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.
Stay informed on the FBI's latest cyber security operations, threats, and safety tips. Your source for up-to-date FBI infosec news and insights.
Search across headline titles and summaries.
Background for this topic.
Federal Bureau of Investigation (FBI) is the United States’ principal federal law-enforcement agency and a domestic intelligence authority. In cybersecurity, it investigates cybercrime, digital intrusion, online fraud, and espionage; works with victims and other agencies; and may support disruption operations, prosecutions, or public warnings. FBI references in security news often concern indictments, infrastructure seizures, malware or intrusion advisories, and requests for victim cooperation.
Practitioners can report suspected internet crime through the FBI’s Internet Crime Complaint Center (IC3) or contact a local FBI field office, while preserving relevant logs, messages, and other evidence. FBI engagement can provide threat intelligence, such as indicators of compromise or information about attacker infrastructure, and may affect evidence handling and legal processes. It does not replace containment, recovery, breach assessment, or privacy and regulatory notifications required of the affected organization.
Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.
Global Botnet's Victims Are in United States, Germany, Romania and Hong KongFBI Director Christopher Wray said Wednesday the bureau seized control of a Chinese-developed botnet that maintained access to thousands of compromised devices across the globe as part of an effort to launch widespread disruptive cyberattacks. The botnet is a Mirai variant.
Plus: Wray tells how bureau helps certain victims negotiate with ransomware crooks China-backed spies are said to have tore down their own 260,000-device botnet after the FBI and its international pals went after them.…
The FBI and cybersecurity researchers have disrupted a massive Chinese botnet called "Raptor Train" that infected over 260,000 networking devices to target critical infrastructure in the US and in other countries. [...]
CISA and the FBI urged tech companies to review their software and eliminate cross-site scripting (XSS) vulnerabilities before shipping. [...]