A recent cyber threat originating from China has been successfully neutralized by the FBI through a court-ordered removal of malicious code from thousands of Windows PCs.
The PlugX malware, which impacted over 2.5 million devices globally by spreading through infected USB drives, has now been eradicated in the U.S. with the assistance of the Justice Department, according to PCMag.
The FBI, in collaboration with law enforcement, has obtained legal authorization to eliminate the malware from approximately 4,260 computers and networks across the country. Affected device owners will be notified through their internet service providers as part of the resolution process.
This incident highlights the ongoing necessity for cybersecurity vigilance. The Justice Department disclosed that the cyberattack was orchestrated by a Chinese state-sponsored group known as “Mustang Panda,” which customized a variant of the PlugX malware for its operations.
Initially discovered in 2008 as a backdoor for remotely controlling Windows systems, PlugX had evolved by 2020 to infect USB drives and the PCs they are connected to, making it a “wormable” threat capable of spreading through peripherals.
Cybersecurity researchers observed that Mustang Panda eventually abandoned the project due to resource constraints, and security firms working together identified a self-destruct mechanism within the malware code.
In a coordinated effort, law enforcement agencies in France activated the self-delete feature to cleanse infected machines, a process subsequently adopted by 22 other countries to mitigate the threat.
Although the specific method for removing the malware from U.S. systems remains undisclosed, the FBI assured in an affidavit that the self-delete command is effective in eliminating the malicious code without causing any additional harm to the devices.