Malware | May 7, 2026
Looks like the Outlook Web App of "Mpumalanga Department of Social Development (a provincial governmen...
South African provincial government's Outlook Web App compromised to host PlugX malware samples.
Summary
The Outlook Web App infrastructure of Mpumalanga Department of Social Development, a provincial government entity in South Africa, has been compromised and is being actively used to distribute PlugX malware samples. PlugX is a modular remote access trojan historically associated with Chinese state-sponsored threat actors. This indicates either a direct breach of government systems or compromise of legitimate infrastructure for malware distribution.
Indicators of Compromise
- malware — PlugX
Entities
- PlugX operators (likely Chinese state-sponsored) (threat_actor)
- Outlook Web App (product)
- PlugX (product)