How did the FBI have access to the computers to delete the malware in the first place?
this post was submitted on 15 Jan 2025
35 points (97.3% liked)
Cybersecurity
5995 readers
98 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected]
Notable mention to [email protected]
founded 2 years ago
MODERATORS
In the article it reads that the FBI had taken over the server which the PlugX malware connects to. They had the server issue the command to machines that respond to PlugX remote requests, to have PlugX delete its own registry keys and generated files, then create a temporary script to uninstall PlugX and clean remaining traces, and finally run that script which deletes itself at the end.
So the fbi installed their own trojan on thousands of American computers, got it.
No send a signal to already infected devices with the control server of the bad actors them self.
The FBI sending signals to manipulate users sysyems, is technically hacking. White hat possibly, but still hacking.
It's not hacking if they legally own plugx and the end users have given permission to plugx