Summary: The U.S. Department of Justice announced a successful operation by the FBI to remove PlugX malware from over 4,250 infected computers, linked to the Mustang Panda hacking group associated with China. This operation is part of a broader effort to combat state-sponsored cyber threats targeting various nations and organizations.

Threat Actor: Mustang Panda | Mustang Panda
Victim: Various targets including U.S. and international organizations | U.S. and international organizations

Key Point :

• The FBI executed a court-authorized operation to delete PlugX malware from infected systems.
• Mustang Panda has been active since at least 2014, targeting numerous countries and organizations.
• The operation involved issuing self-delete commands that did not affect legitimate files on the devices.
• As many as 59,475 disinfection payloads were deployed targeting 5,539 IP addresses across 10 countries.
• The malware was known to spread via USB devices and communicated with an attacker-controlled server.