French Police Distribute "Disinfection Solution" For the PlugX Malware
French police and Europol, assisted by cybersecurity firm Sekoia, are deploying a "disinfection solution" in France to remove PlugX malware from infected devices.
The operation, led by the Center for the Fight Against Digital Crime (C3N) of the National Gendarmerie, involves sinkholing a PlugX command and control server previously controlled by Chinese threat actors.
PlugX, a remote access trojan used in various malicious campaigns, continues to evolve with new variants tailored to specific operations.
Sekoia's initiative included taking over a botnet associated with a PlugX variant, which had independently infected nearly 2.5 million devices via USB flash drives. The firm sinkholed the botnet's command and control infrastructure, preventing further commands to infected devices, although the malware remained active, posing ongoing security risks.