France and Europol’s joint operation to dismantle the PlugX worm botnet, which has impacted millions of devices worldwide, involved the usage of a disinfection solution from Sekoia.io, which had disclosed sinkholing the RAT’s command-and-control server last September. Such a tool was necessary as PlugX was noted by Sekoia to be nonremovable from USB devices even if several of its variants could leverage a self-deletion command on impacted workstations.

Source: SC Magazine