The U.S. Department of Justice announced a court-authorized operation allowing the FBI to remove PlugX malware from over 4,250 infected computers as part of a multi-month effort. PlugX, linked to the China-based hacking group Mustang Panda, enables remote access and data theft. The campaign targeted countries including the U.S., Taiwan, Japan, India, and others. The malware variant spread via USB devices and connected to an attacker-controlled server. Cybersecurity firm Sekoia previously sinkholed the server, enabling a self-delete command to clean compromised systems without affecting legitimate files. This operation highlights the aggressive tactics of PRC-sponsored hackers.

‍