• FBI deletes Chinese malwa

    From Mike Powell@1:2320/105 to All on Wednesday, January 15, 2025 10:22:00
    A major FBI operation has deleted Chinese malware from thousands of US computers

    Date:
    Wed, 15 Jan 2025 12:52:00 +0000

    Description:
    More than 4,000 computers in the US alone were reportedly cleaned of the malware.

    FULL STORY

    French cybersecurity firms and law enforcement agents, together with partners from the United States, have successfully removed Chinese-built malware from thousands of infected PCs.

    In a press release shared on the US Justice Department (DoJ) website, the DoJ said that a Chinese state-sponsored threat actor called Twill Typhoon (AKA Mustang Panda) built a custom version of the PlugX malware, which can infect, control, and steal information from victim computers.

    Since at least 2014, Mustang Panda hackers have infiltrated thousands of computer systems in campaigns targeting U.S. victims, as well as European and Asian governments and businesses, and Chinese dissident groups, the DoJ said.

    Kill switch

    Mustang Panda is a known Chinese cyber-espionage group previously observed targeting government, academic, and religious organizations, particularly in Southeast Asia, Europe, and the United States.

    The group is recognized for its use of spear-phishing campaigns and custom malware, such as the PlugX backdoor, to steal sensitive information. Their activities often align with China's strategic interests, since they are focused on cyber-espionage and surveillance rather than profit or disruption.

    However, cybersecurity researchers from the French outfit Sekoia.io found a way to communicate through PlugX's command & control (C2) infrastructure, allowing them to order the malware to self-destruct.

    After obtaining the necessary court orders, the researchers, together with the Cyber Division of the Paris Prosecution Office, French Gendarmerie Cyber Unit C3N, the FBI, and the DoJ, ran the campaign and successfully removed the malware from infected computers.

    The DoJ said that in the United States alone, 4,258 computers were cleaned.

    Commenting on the operation, US Attorney Jacqueline Romero for the Eastern District of Pennsylvania slammed the reckless and aggressive Chinese hackers.

    "This wide-ranging hack and long-term infection of thousands of Windows-based computers, including many home computers in the United States, demonstrates the recklessness and aggressiveness of PRC state-sponsored hackers," she said.

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/a-major-fbi-operation-has-deleted-chinese-malware-from-thousands-of-us-computers

    --- SBBSecho 3.20-Linux
    * Origin: capitolcityonline.net * Telnet/SSH:2022/HTTP (1:2320/105)