“Tool overlap—particularly the inclusion of ToneShell—strongly links Mustang Panda to this activity. Additionally, technical overlaps in newly discovered tools align with prior Mustang Panda malware, ...

Further espionage attacks involving the same PlugX variant occurred in August, when the attacker compromised the government of a southeastern European country.

Mustang Panda has been active since at least 2014, the recently unveiled FBI affidavit said. The group targeted government and private business organizations based in the US, Europe, and Asia ...

The FBI’s recent operation successfully removed PlugX malware from thousands of U.S. computers. Credit: J / CC BY 2.0 The FBI, with court approval, has remotely removed PlugX malware from 4,258 ...

Citing court documents, in a release, the DoJ says the PRC government paid the Mustang Panda group to, among other computer intrusion services, develop this specific version of PlugX. Since at least ...

The group, Mustang Panda, used malware called PlugX to access thousands of computers worldwide, according to the Justice ...

Mustang Panda is a PRC-funded hacker group responsible for spreading the PlugX malware. Since 2014, the organization used the malware to access thousands of computer systems.

The DOJ and the FBI regarded that the group behind the attack was identified as 'Twill Typhoon' or 'Mustang Panda,' which have massive ties to the People's Republic of China (PRC).

Mustang Panda is a known Chinese cyber-espionage group previously observed targeting government, academic, and religious organizations, particularly in Southeast Asia, Europe, and the United States.

A version of “PlugX” malware used by Chinese state-backed hackers has been deleted from thousands of US computers worldwide following a multi-month law enforcement operation, the US Department of ...