“Malware, self-destruct!” The FBI and the U.S. Justice Department have announced a successful multi-month operation with international partners to remove a dangerous malware infecting thousands of computers by commanding it to erase itself.

The malware, known as PlugX, is a powerful remote-access trojan first identified in 2008. It has been linked to the hacking group “Mustang Panda” (via Gizmodo). The malware communicates via a command server, which the FBI, with help from French authorities, gained control of. This allowed them to track the IP addresses of infected devices.

After identifying the compromised PCs, the FBI sent self-delete commands through the compromised server, effectively forcing the malware to erase itself.

The operation successfully cleansed 4,285 infected machines in the U.S., with additional thousands being cleared globally by law enforcement partners.

If this were a Hollywood hacker movie, this would be the scene where shadowy figures and eerie music take center stage.

While this marks a victory for cybersecurity, PlugX infections are likely far more widespread than this operation addressed. Experts estimate that as of 2024, around 2.5 million devices were compromised globally.

Many of these infections were uncovered through a separate command-and-control server sweep, suggesting PlugX may still be running on countless devices unnoticed.

While a small victory, the operation’s simplicity is remarkable. It feels like a James Bond plot, where pressing the villain’s big red “destroy everything” button is the ultimate goal.

This time, though, keyboards replaced gadgets, and code took the place of high-speed chases. Not as glamorous, perhaps, but just as satisfying. A small step towards a safer world—and that’s worth raising a glass to.

Source: PC Gamer