An extraordinary approach. The FBI hacked thousands of PCs in the US to get rid of a Chinese virus
January 16, 03:05
Author: Anastasia Pechenyuk
Source: ua.news
This is not the first such FBI operation (Photo: jetcityimage2/Depositphotos)
The US Federal Bureau of Investigation intervened on more than 4,200 American computers as part of an operation to find and remove PlugX, a malicious program used by Chinese hackers.
The FBI says a Chinese hacking group known as Mustang Panda and Twill Typhoon has been using the PlugX malware to infect thousands of Windows computers in the US, Asia and Europe since at least 2012. The malware, which infects computers via USB ports, runs in the background, allowing hackers to remotely access and execute commands on victims’ computers.
To do this, infected computers communicate with a hacker-controlled command-and-control server whose IP address is hard-coded in the malware. From there, hackers can remotely access users’ files and information about infected computers, such as their IP addresses. According to law enforcement officials, since September 2023, at least 45,000 IP addresses in the US have connected to the command-and-control server.
In cooperation with French law enforcement, which launched its own operation to take down PlugX, the FBI gained access to the command-and-control server and requested the IP addresses of the infected computers. The bureau’s experts then sent their own command to force PlugX to delete the files the software had created on victims’ computers, stop PlugX from running, and delete the malware once it stopped. As part of the operation to find and remove PlugX from infected computers, the FBI hacked about 4,200 computers in the United States.
It will be recalled that last year the FBI similarly dismantled a network of computers infected with Qakbot, ordering the devices to download software that removed the malware. The agency also remotely hacked into hundreds of computers to protect them from the Hafnium hack in 2021.