FBI forces Chinese malware to delete itself from thousands of US computers
Self-delete commands sent from commandeered server to malware on infected PCs.
The FBI said today that it removed Chinese malware from 4,258 US-based computers and networks by sending commands that forced the malware to use its "self-delete" function.
The People's Republic of China (PRC) government paid the Mustang Panda group to develop a version of PlugX malware used to infect, control, and steal information from victim computers, the FBI said. "Since at least 2014, Mustang Panda hackers then infiltrated thousands of computer systems in campaigns targeting US victims, as well as European and Asian governments and businesses, and Chinese dissident groups," the FBI said.
The malware has been known for years but many Windows computers were still infected while their owners were unaware. The FBI learned of a method to remotely remove the malware from a French law enforcement agency, which had gained access to a command-and-control server that could send commands to infected computers.
What's Your Reaction?
