US Eliminates Malware Said to Originate from Chinese-Backed Hackers – One America News Network
By Sarah N. Lynch
January 14, 2025 – 8:08 AM PST
WASHINGTON (Reuters) – On Tuesday, the U.S. Justice Department announced that it successfully removed malware from over 4,200 computers that were compromised by a group of hackers allegedly backed by the People’s Republic of China.
This malware, referred to as “PlugX,” impacted countless systems globally and was employed for information theft and other malicious activities, according to the department.
Authorities reported that the malware was spread through infected USB drives by a hacking group known as “Mustang Panda” and “Twill Typhoon.”
Federal court documents submitted to the U.S. District Court for the Eastern District of Pennsylvania claim that the Chinese government funded the Mustang Panda group to develop PlugX. In September 2023, cybersecurity firm Sekoia identified the command and control infrastructure utilized by these hackers and collaborated with French law enforcement to take control of that infrastructure by July 2024, as stated by French officials.
The FBI partnered with French authorities to pinpoint U.S.-based devices affected by the malware, sending commands to eradicate it from each compromised device, as detailed in an FBI affidavit.
This malware has reportedly been deployed since at least 2014, targeting computers in the U.S., Europe, and Asia, as well as machines belonging to Chinese political dissidents.
Reporting by Doina Chiacu and Sarah N. Lynch; Editing by Andrea Ricci