Summary: The FBI, in collaboration with French law enforcement and cybersecurity firm Sekoia.io, successfully utilized the self-delete feature of the PlugX malware to remove it from over 4,200 infected computers in the U.S. This operation targeted the Mustang Panda group, a hacking organization linked to the Chinese government, which has been using PlugX as a Remote Access Trojan since 2008.
Threat Actor: Mustang Panda
Victim: U.S. Computer Users
Key points:
- FBI operation led to the deletion of PlugX malware from approximately 4,258 U.S.-based computers.
- Investigators used court-approved access to a command-and-control server to send the self-delete command that is built into the malware.
- Mustang Panda has been linked to numerous cyber operations targeting U.S. and international victims since at least 2014.