The US Justice Department said it has deleted malware planted on more than 4200 computers by a group of criminal hackers who were backed by the People’s Republic of China.
The malware, known as “PlugX,” affected thousands of computers around the globe and was used to infect and steal information, the department said.
Investigators said the malware was installed via infected USB devices by a band of hackers who are known by the names “Mustang Panda” and “Twill Typhoon.”
In court records filed in the US District Court for the Eastern District of Pennsylvania, prosecutors allege that the Chinese government paid the Mustang Panda group to develop PlugX.
Cyber security company Sekoia identified the command and control infrastructure used by the hackers to control this variant of PlugX in September 2023 and subsequently worked with French law enforcement to take over the infrastructure by July 2024, French authorities said at the time.
The FBI worked in conjunction with the French authorities to identify US-based devices targeted by the malware and to send commands for it to self-delete from each device, according to an FBI affidavit.
The malware has been used since at least 2014 to target computers in the United States, Europe and Asia, as well as the computers of Chinese political dissidents.