Summary: The U.S. Department of Justice announced a successful FBI operation to remove PlugX malware, which is linked to the China-associated Mustang Panda hacking group, from over 4,250 infected computers. This operation is part of a broader effort to combat state-sponsored cyber threats targeting various nations and organizations.
Threat Actor: Mustang Panda
Victim: Various targets including U.S. and international organizations
Key Points:
- The FBI executed a court-authorized operation to delete PlugX malware from infected systems.
- Mustang Panda has been active since at least 2014, targeting numerous countries and organizations.
- The operation involved issuing self-delete commands that did not affect legitimate files on the devices.
- As many as 59,475 disinfection payloads were deployed targeting 5,539 IP addresses across 10 countries.
- The malware was known to spread via USB devices and to communicate with an attacker-controlled server.
Source: https://thehackernews.com/2025/01/fbi-deletes-plugx-malware-from-4250.html