French police push PlugX malware self-destruct payload to clean PCs
2024-07-25 15:24

The French police and Europol are pushing out a "Disinfection solution" that automatically removes the PlugX malware from infected devices in France.

The operation is conducted by the Center for the Fight Against Digital Crime of the National Gendarmerie with assistance from French cybersecurity firm Sekoia, which sinkholed a command and control server for a widely distributed PlugX variant last April.

Sekoia proposed a clean-up mechanism that uses a custom PlugX plugin pushed to infected devices to issue a self-deletion command that removes the infection.

With the Paris 2024 Olympic Games approaching, the French authorities, including all cybersecurity stakeholders, are on high alert, so the risk posed by PlugX, which was found on 3,000 systems in France, was considered unacceptable.

It's worth noting that this particular PlugX variant spreads via infected USB drives, and it is not known if Sekoia's solution includes the ability to remove the malware from removable media.
