PHILADELPHIA (KYW Newsradio) — Federal authorities say they ran a court-approved operation to identify and remotely delete malware from China-backed hackers from thousands of computers, including in Pennsylvania.
The U.S. Attorney's Office in the Eastern District of Pennsylvania announced on Tuesday that the FBI obtained nine warrants, from August of 2024 to Jan. 3, 2025, to investigate malware called PlugX, which they say has been infecting Windows-based computers throughout the world since 2014.
That allowed the FBI to identify and remotely delete the harmful software malware from 4,258 computers. Users whose computers were affected will be contacted by the FBI through their internet service providers.
According to court documents, the People’s Republic of China paid a group of hackers calling themselves “Mustang Panda” to develop the malware in order to exploit systems and collect personal data from computers in the United States, as well as throughout Europe and Asia.
The operation was spearheaded by French law enforcement as well as a private French cybersecurity firm called Sekoia.io, which had discovered how to allow the FBI to remotely delete PlugX from computers. The FBI was able to remove the malware without affecting other files.