Summary: The U.S. Department of Justice announced the FBI’s successful deletion of Chinese PlugX malware from over 4,200 infected computers across the United States, part of a global takedown operation. The malware, linked to the Mustang Panda group, had been used for cyber espionage against various international targets.
Threat Actor: Mustang Panda
Victim: Various organizations | PlugX victims
Key Points:
- The PlugX malware variant had wormable capabilities, allowing it to spread via USB drives.
- Victims included European shipping companies, governments, and Chinese dissident groups worldwide.
- The operation was a collaborative effort with French law enforcement and cybersecurity firm Sekoia.
- The malware has been in use since 2008, primarily for cyber espionage by groups associated with the Chinese Ministry of State Security.
- PlugX features extensive capabilities, including file manipulation, keystroke logging, and command execution.