Security vulnerabilities in remote desktop applications such as Sunlogin and AweSun are being exploited to deploy the PlugX malware. PlugX malware is a RAT (Remote Access Trojan) malware family that has been in existence since 2008 and is used as a backdoor to control your computer fully. Once your computer/server is infected, an attacker will remotely execute several kinds of commands on the affected system.
Abilities
Additionally, one of the most notable features of the backdoor is its ability to:
Transmits collected information
Request command again
Plugin-related
Reset connection
Auto-delete
Upload configuration data
Update configuration data
Pings port 53 from the transmitted address
Download and execute files from an external source
Start service