The Justice Department and FBI said today they have completed a project to remove malware used by Chinese hackers from computers in the United States. The effort was essentially a court-approved retaliatory attempt to remotely remove malware known as PlugX from more than 4,200 computers. The agencies will notify owners of affected computers in the United States about the transaction through their Internet service providers.
According to the Ministry of Justice press releaseHacking groups known as Mustang Panda and Twill Typhoon have received support from the Chinese government to use PlugX to infect, monitor, and collect information from computers outside of China. The campaign to remove PlugX malware from computers in the United States began in August 2024. It was carried out in collaboration with French law enforcement agencies and the French private cybersecurity company Sekoia.io. Sekoia.io detected PlugX malware in more than 170 countries.
The Mustang Panda group has been conducting infiltration attempts around the world since at least 2014. For example, cybersecurity firm ESET found that Mustang Panda gained access to the computers of trucking companies in Norway, Greece and the Netherlands in March. The group was one of several Chinese-linked hacking organizations that were identified as compromising telecommunications systems in the Asia-Pacific region. reports last summer.