U.S. authorities removed malware from more than 4,200 computers after hacking groups backed by the Chinese Communist Party compromised them with infected USB devices. ISTOCK
REUTERS
The U.S. Justice Department said January 14 that it has deleted malware planted on more than 4,200 computers by a group of criminal hackers backed by the Chinese Communist Party (CCP). The malware, known as “PlugX,” affected thousands of computers around the globe and was used to infect and steal information, the department said.
Investigators said the malware was installed via infected USB devices by a band of hackers who are known by the names “Mustang Panda” and “Twill Typhoon.” In court records filed in the U.S. District Court for the Eastern District of Pennsylvania, prosecutors allege the Chinese government paid the Mustang Panda group to develop PlugX.
Cybersecurity company Sekoia identified the command and control infrastructure used by the hackers to control this variant of PlugX in September 2023 and subsequently worked with French law enforcement to take over the infrastructure by July 2024, French authorities said.
The FBI worked in conjunction with the French authorities to identify U.S.-based devices targeted by the malware to send commands to self-delete from each device, according to an FBI affidavit. The malware has been used since at least 2014 to target computers in the United States, Europe and Asia, as well as the computers of Chinese political dissidents.