ranzware
Doctor, heal thyself. Or, in this case, malware, self-destruct. A joint press release from the US Justice Department and the FBI has announced a multi-month law enforcement operation involving multiple international partners that has succeeded in removing malware from over 4,000 US computers—by telling it to delete itself.
The malware in question is known as PlugX, and it’s a particularly nasty remote access trojan that’s believed to have been around since 2008 and is said to have been a favourite tool of a hacking group referred to as “Mustang Panda”(via Gizmodo). The malware receives commands via a control server, one of which the FBI gained access to with the help of the French authorities in order to identify the IP addresses of PlugX-affected computers.
Once the infected PCs were identified, the FBI then sent commands of its own via the now-compromised server, instructing it to delete itself remotely.
4,285 US machines were healed in this manner, the FBI says, with many thousands more cleansed in a similar fashion by partner law enforcement agencies around the world.
If this were a hacker movie under my direction, however, here’s the point where I’d cut to a shadowy room and an ominous soundtrack.
While this is certainly a victory for the authorities, the likelihood is high that PlugX infections are much more widespread than indicated by this relatively small batch. Cybersecurity firms have long been aware of widespread usage of the trojan, and it’s estimated that roughly 2.5 million devices were infected back in 2024.
These infected devices were discovered by pinging outwards from a different command-and-control server—and the data suggests that, far from being nipped in the bud, PlugX may well be chugging away in the background of a significant portion of PCs as we speak.
So, a small victory in the grand scale of things, it seems. That being said, the method of attack here has a beautiful simplicity to it. It reminds me of James Bond movies, where the evil villain’s lair has a big red button marked “destroy my nefarious plan instantly” that our noble hero must endeavour to press at all costs.
Except this time, it involved keyboards and code prompts rather than Walther PPKs and a tricked-out Aston Martin. Not quite as glamorous is it? Still, vodka martinis all round, I reckon. The world is ever so slightly safer today, and in these troubled times, I’ll take it.
Source link
Kurt Indovina
Add comment