
Malware originating in China was contained after the FBI received a court order to remove the malicious code from thousands of computers running Windows.

The agency successfully ended the reign of the PlugX malware in the US. PlugX affected more than 2.5 million devices worldwide by spreading through infected USB drives, PCMag notes.


Working with the FBI, the Justice Department confirmed that as of Tuesday it had been granted judicial authorization to remove malware from nearly 4,260 computers and networks in the United States. After the announcement of the resolution, the FBI is ready to notify owners of infected machines through their Internet providers.

This is just one example of how federal agencies are gaining control over a major cybersecurity risk. However, this resolution points to the importance of ongoing research in the field of cybersecurity. The DOJ clarified that behind the attack was a private Chinese state-sponsored hacker group called Mustang Panda, which developed a unique version of the PlugX malware for the current mission.

PlugX first appeared in 2008, when it was used as a backdoor to allow attackers to secretly control Windows computers. By 2020, the malware had been updated so that it could infect USB drives and the computers connected to them. This type of malware is called a worm: it can be transmitted between computers through infected peripherals.

French cybersecurity provider Sekoia noticed that Mustang Panda did not have enough resources to support the number of computers it had infected with PlugX malware and ultimately abandoned the project.

Likewise, antivirus maker Sophos discovered multiple PlugX infections originating from the same source IP address. In September 2023, in collaboration with Sekoia, the cybersecurity provider paid just $7 for access to the IP address and infected machines. Further investigation revealed a self-destruct command in the PlugX code.

In July 2024, French law enforcement authorities allowed the use of a self-removal mechanism to disinfect infected computers. Since then, 22 more countries have followed suit.

While it is unclear how U.S. organizations plan to remove malware from home computers, the FBI said in an affidavit that it has tested this self-removal command, confirming that it only removes the malware, does not affect any other device functionality or data transmission, and does not deliver any other code.

Source: Digital Trends

I am Garth Carter and I work at Gadget Onus. I have specialized in writing for the Hot News section, focusing on topics that are trending and highly relevant to readers. My passion is to present news stories accurately, in an engaging manner that captures the attention of my audience.