In court records filed in the federal court in Pennsylvania, the FBI said it had observed the malware — typically installed on a target’s device through a computer’s USB port — since as early as 2012, and that the malware had been used by Chinese state-backed hackers since 2014.

Once installed, the malware goes on to “collect and stage the victim’s computer files for exfiltration,” the FBI said. French authorities say the PlugX malware is “used in particular for espionage purposes.”

In its statement Tuesday, the U.S. Justice Department accused the Chinese government of paying the Twill Typhoon group to develop the PlugX malware. China has long denied U.S. allegations of hacking.