The police remotely removed the malware from those computers.
Antivirus firm Avast, which helped France's National Gendarmerie cybercrime center, announced the operation on Wednesday. It found that the command and control server, which waslocated in France, had a design flaw in its protocol that made it possible to remove the malware without "making the victims execute any extra code".
Cybersecurity firms such as Avast, as well as Trend Micro, had been tracking the worm, called Retadup, since last spring. Most of the infected computers were used by the malware authors to mine the cryptocurrency Monero, but in some cases it was also used to push ransomware and password-stealing malware.
As the antivirus firm reported, most Retadup victims were in South America, with Peru, Venezuela, Bolivia and Mexico at the top of the list.