Summary: The FBI and DOJ have successfully removed PlugX malware, attributed to the Chinese state-backed hacking group Mustang Panda, from thousands of U.S. computers. This operation highlights the ongoing cybersecurity threats posed by state-sponsored actors and the collaborative efforts of international law enforcement to combat them.
Threat Actor: Mustang Panda
Victim: U.S. Computers
Key Points:
- PlugX malware allows hackers to control and steal information from infected computers.
- The operation involved collaboration with French authorities and cybersecurity firms to identify and delete the malware.
- PlugX has been used by Chinese espionage groups since 2008 and has infected devices globally.
- The DOJ obtained court authorization to delete the malware from approximately 4,258 U.S.-based computers.
- Sekoia developed a method to remotely disinfect infected devices without impacting their legitimate functions.
Source: https://therecord.media/doj-deletes-china-linked-plugx-malware