FBI Confirms It Deleted Files From 4,258 U.S.-Based Computers
by Davey Winder · Forbes

The threat of cyberattack is never far away, be that by Amazon ransomware actors with an impossible-to-recover-from threat, or Windows zero-day exploits and even the hacking of the iPhone USB-C port. Luckily, the Federal Bureau of Investigation is also never far away when it comes to warnings about such attacks and hacker threats. But eyebrows will surely be raised just a little as the FBI and Department of Justice have confirmed that thousands of U.S. computers and networks were accessed to remove malware files remotely. Here’s what you need to know.
Court-Authorized FBI Operation Remotely Deletes PlugX Malware From 4,258 U.S. Computers
The U.S. Department of Justice and the FBI have confirmed that a court-authorized operation allowed the remote removal of malware files from 4,258 U.S.-based computers. According to the Jan. 14 statement, the operation targeted a version of the PlugX malware used by what are said to be China-backed threat actors, the group known as Mustang Panda or Twill Typhoon, and was designed to take down that variant, which is capable of controlling infected computers to steal information.
According to court documents, the DoJ said, the People’s Republic of China government “paid the Mustang Panda group to develop this specific version of PlugX,” which has been in use since 2014 and infiltrated thousands of computer systems in campaigns targeting U.S. victims.
“The FBI acted to protect U.S. computers from further compromise by PRC state-sponsored hackers,” Assistant Director Bryan Vorndran of the FBI’s Cyber Division said, adding that the announcement “reaffirms the FBI’s dedication to protecting the American people by using its full range of legal authorities and technical expertise to counter nation-state cyber threats.”
Thousands of U.S. computers and networks, estimated at 4,258 by the DoJ, were identified by the FBI in the technical operation to detect and delete the malware threat remotely. The first of nine warrants authorizing the deletion of PlugX from U.S.-based computers was obtained in August 2024 in the Eastern District of Pennsylvania; the last expired on Jan. 3. “The FBI tested the commands, confirmed their effectiveness, and determined that they did not otherwise impact the legitimate functions of, or collect content information from, infected computers,” the statement said.