ANSSI and FBI hack into C2 server to remove PlugX malware
by Angel_Batista - Wednesday January 15, 2025 at 02:15 PM
Quote: A French law enforcement agency has gained access to the C2 server assigned IP address 45.142.166.112. [...] Working with the French law enforcement agency, the FBI can send the self-delete command to the TARGET DEVICES infected with this variant of PlugX malware. [...] The requested warrant was previously issued on August 28, 2024 and has been reissued on a rolling basis since then. The FBI has counted the daily number of TARGET DEVICES that communicated with the C2 server and were sent the command to self-delete the PlugX malware. As of December 17, 2024, the self-delete command has been sent to thousands of unique IP addresses, with a consistent rate of disinfection.
For 5 months, the FBI has been using Mustang Panda's C2 server, which was hacked by a "French law enforcement agency" (ANSSI), to remove malware from American computers using commands sent via said C2 server.
I'm Usami...Magical Miracle Girl ★ Usami. I'm an itty bitty girl who's sweet like milk!