DOJ confirms FBI operation that mass-deleted Chinese malware from thousands of US computers
U.S. authorities have confirmed that they disrupted the operations of a Chinese state-backed hacking group that infiltrated millions of computers worldwide to steal data as part of a years-long espionage campaign.
The Department of Justice and the FBI said on Tuesday that they had successfully deleted the malware planted by the China-backed hacking group, known as “Twill Typhoon” or “Mustang Panda,” from thousands of infected systems across the United States during a court-authorized operation in August 2024.
French authorities led the operation with assistance from Paris-based cybersecurity company Sekoia. In a press release last year, French prosecutors said the malware — known as “PlugX” — had infected several million computers globally, including 3,000 devices located in France.
Sekoia said in a blog post that it developed the capability to send commands to infected devices in order to delete the PlugX malware. U.S. authorities said that the operation was used to delete the malware from more than 4,200 infected computers in the United States.