FBI Removes Chinese PlugX Malware from Thousands of US Computers.

Started by bosman, 2025-01-16 08:56


The US Department of Justice announced today that the FBI has removed Chinese PlugX malware from more than 4,200 networked computers across the United States.
The malware, controlled by the Chinese cyberespionage group Mustang Panda (also tracked as Twill Typhoon), infected thousands of systems using a PlugX variant with a worm component that allows it to spread via USB drives.
According to court documents, the list of victims targeted using this malware includes "European shipping companies in 2024, some European governments from 2021 to 2023, Chinese dissident groups around the world, and governments in the Indo-Pacific region (e.g., Taiwan, Hong Kong, Japan, South Korea, Mongolia, India, Myanmar, Indonesia, Philippines, Thailand, Vietnam and Pakistan)."
"Once it infects a victim's computer, the malware remains on the machine (maintains its persistence), in part by creating registry keys that automatically run the PlugX application when the computer boots up," the statement reads. "Owners of computers infected with the PlugX malware are usually unaware of the infection."
Threat groups have used it to target government, defense, technology and political organizations, primarily in Asia and later the rest of the world. Several PlugX developers have also been discovered online, and some security researchers believe that the malware's source code was leaked around 2015. This, combined with numerous updates to the tool, makes it very difficult to attribute the malware's development and use to a specific individual, threat actor or agenda.
The PlugX malware has extensive functionality that includes collecting system information, uploading and downloading files, logging keystrokes, and executing commands.
