The French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices in France.
The operation is conducted by the Center for the Fight Against Digital Crime (C3N) of the National Gendarmerie with assistance by French cybersecurity firm Sekoia, which sinkholed a command and control server for a widely distributed PlugX variant last April.
PlugX is a remote access trojan that has been deployed by multiple Chinese threat actors for a long time. New variants are modified and released according to a malicious campaign's operational needs.
Cybersecurity firm
Sekoia previously reported on a botnet for a PlugX variant that spread through USB flash drives. This botnet was abandoned by its original operator, but it continued to spread independently, infecting almost 2.5 million devices.
