Subj : A major FBI operation has deleted Chinese malware from thousands
To : All
From : TechnologyDaily
Date : Wed Jan 15 2025 13:00:04

A major FBI operation has deleted Chinese malware from thousands of US computers
Date: Wed, 15 Jan 2025 12:52:00 +0000
Description: More than 4,000 computers in the US alone were reportedly cleaned of the malware.

FULL STORY
======================================================================

- The FBI and international partners sent a self-destruct command to PlugX malware
- More than 4,000 computers in the US alone were cleaned as a result
- The malware was developed by a Chinese state-sponsored group

French cybersecurity researchers and law enforcement agents, together with partners from the United States, have successfully removed Chinese-built malware from thousands of infected PCs.

In a press release published on the US Justice Department (DoJ) website, the DoJ said that a Chinese state-sponsored threat actor tracked as Twill Typhoon (also known as Mustang Panda) built a custom version of the PlugX malware, which can infect, control, and steal information from victim computers. Since at least 2014, Mustang Panda has used it to infiltrate thousands of computer systems in campaigns targeting U.S. victims, as well as European and Asian governments and businesses, and Chinese dissident groups, the DoJ said.

Kill switch

Mustang Panda is a known Chinese cyber-espionage group previously observed targeting government, academic, and religious organizations, particularly in Southeast Asia, Europe, and the United States. The group is recognized for its use of spear-phishing campaigns and custom malware, such as the PlugX backdoor, to steal sensitive information. Its activities align with China's strategic interests: the focus is cyber-espionage and surveillance rather than profit or disruption.

Cybersecurity researchers from the French outfit Sekoia.io found a way to communicate through PlugX's command and control (C2) infrastructure, which allowed them to order the malware to self-destruct. After obtaining the necessary court orders, the researchers, together with the Cyber Division of the Paris Prosecution Office, the French Gendarmerie Cyber Unit C3N, the FBI, and the DoJ, ran the campaign and removed the malware from infected computers. The DoJ said that in the United States alone, 4,258 computers were cleaned.

Commenting on the operation, US Attorney Jacqueline Romero for the Eastern District of Pennsylvania condemned the reckless and aggressive Chinese hackers. "This wide-ranging hack and long-term infection of thousands of Windows-based computers, including many home computers in the United States, demonstrates the recklessness and aggressiveness of PRC state-sponsored hackers," she said.

======================================================================
Link to news story: https://www.techradar.com/pro/security/a-major-fbi-operation-has-deleted-chinese-malware-from-thousands-of-us-computers

--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)