A hacking campaign known as Flax Typhoon has been interrupted by the US Federal Bureau of Investigation, affecting 250,000 devices allegedly at the behest of the Chinese government.
The hack targeted government agencies, universities, media organisations and corporations, attempting to influence critical infrastructure.
The group built up a “botnet” of compromised devices including cameras, digital storage devices, and even smart appliances to enable the theft of information and the distribution of malware.
The FBI is pointing the finger at a Chinese IT company called Integrity Technology Group, which the US claims "collected intelligence and performed reconnaissance for Chinese government security agencies".
Chinese government denies involvement
While the FBI has made its allegations at the Aspen Cyber Summit, they were also joined publicly by cyber officials from Britain, Canada, New Zealand and Australia on Wednesday.
Beijing claims the group is unaffiliated and is instead an illegal ransomware gang.
The Chinese Embassy in Washington responded with a statement accusing the US authorities of having “jumped to an unwarranted conclusion and made groundless accusations against China,” and insisting the Chinese government punishes “all forms of cyberattacks".
The hackers attempted to launch a cyberattack when the FBI wrested control of the botnet from them, before abandoning the fight.
FBI Director Chris Wray said the Flax Typhoon disruption was part of an ongoing effort to “take China's botnets offline".
“This was another successful disruption but make no mistake — it’s just one round in a much longer fight,” Wray said.
“The Chinese government is going to continue to target your organisations and our critical infrastructure, either by their own hand or concealed through their proxies, and we’ll continue to work with our partners to identify their malicious activity, disrupt their hacking campaigns, and bring them to light.”