FBI, DOJ, France Eradicate PlugX Malware Globally

The FBI and the Department of Justice, with the cooperation of French law enforcement and cybersecurity firm Sekoia.io, have successfully removed the Chinese-developed PlugX malware from over 4,200 computers in the United States. The malware, attributed to the Chinese hacking group 'Mustang Panda' or 'Twill Typhoon', has been used since at least 2014 to steal information from infected systems across the US, Europe, and Asia. This operation was enabled by a technique, discovered by Sekoia, that exploited the malware's built-in 'self-delete' function, allowing the FBI to command the malware to remove itself without impacting other computer files. The malware, which can spread through USB drives and operate undetected, was part of a broader espionage campaign allegedly supported by the Chinese government. The operation, initiated in August 2024, was part of a larger global effort to combat cyber espionage and protect sensitive information. This unprecedented action reflects the ongoing commitment to fight cyber threats and hold state-sponsored hackers accountable.