A malware family known as PlugX is designed to remotely control infected machines, a threat that's existed since 2008. A specific variant of this Remote Access

The FBI said today that it removed Chinese malware from 4,258 US-based computers and networks by sending commands that forced the malware to use its "self-delete" function.

After obtaining the necessary court orders, the researchers, together with the Cyber Division of the Paris Prosecution Office, French Gendarmerie Cyber Unit C3N, the FBI, and the DoJ, ran the campaign and successfully removed the malware from infected computers.

The FBI and French authorities conducted an international operation to remotely delete Chinese malware used by Beijing-linked hackers to steal data from thousands of U.S., European, and Asian computer networks,

To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to the FBI, at least 45,000 IP addresses in the US had back-and-forths with the command-and-control server since September 2023.

Law enforcement turns the PlugX malware’s own self-delete mechanism against it, nuking the China-linked trojan from thousands of US machines.

The FBI hacked about 4,200 computers across the US as part of an operation to find and delete PlugX, a malware used by state-backed hackers in China to steal information from victims, the Department of Justice announced on Tuesday.

The U.S. Department of Justice and the FBI have concluded an extensive international operation that successfully removed PlugX malware from more than 4,200 computers across the United States.