CyberSecurity updates
2025-02-09 06:19:55 Pacific

DOJ Removes China's PlugX Malware from US Computers - 24d

The US Department of Justice, with the FBI, conducted a multi-month operation to remove the PlugX malware from over 4,200 infected computers in the United States. PlugX is a remote access trojan (RAT) widely used by threat actors associated with the People’s Republic of China. This action targeted the command and control infrastructure used by these actors to compromise systems, disrupting their ability to maintain persistent access and conduct further malicious activities on affected networks. The operation underscores the US government’s proactive efforts in combating state-sponsored cyber espionage activities, aiming to neutralize threats before they can be further leveraged for malicious purposes.

Law Enforcement Seizes HeartSender Cybercrime Domains - 7d

US and Dutch authorities have seized 39 domains and servers linked to the HeartSender cybercrime group, based in Pakistan. This group, also known as Saim Raza and Manipulators Team, was known for selling hacking and fraud tools. The coordinated law enforcement operation aimed to disrupt the network’s activities, which had caused over $3 million in victim losses.

The HeartSender network had been active since at least 2020, providing malicious software and phishing toolkits to transnational organized crime groups. These tools were marketed as “fully undetectable” and were used for various cybercrimes, including business email compromise (BEC) attacks, identity theft, and credential harvesting. The seizure marks a significant step in combating cybercrime and protecting potential victims from financial losses.