Google says Chinese hackers who targeted Biden campaign are faking McAfee software

Google stated in a brand new weblog submit that hackers linked to the Chinese authorities have been impersonating antivirus software McAfee to attempt to infect victims’ machines with malware. And, Google says, the hackers seem like the identical group that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing assault earlier this yr. An identical group of hackers primarily based in Iran had tried to focus on President Trump’s campaign, but additionally was unsuccessful.

The group, which Google refers to as APT 31 (quick for Advanced Persistent Threat), would e mail hyperlinks to customers which might obtain malware hosted on GitHub, permitting the attacker to add and obtain recordsdata and execute instructions. Since the group used companies like GitHub and Dropbox to hold out the assaults, it made it tougher to trace them.

“Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection,” the top of Google’s Threat Analysis Group Shane Huntley wrote within the weblog submit.



Google

In the McAfee impersonation rip-off, the recipient of the e-mail can be prompted to put in a reputable model of McAfee software from GitHub, whereas on the similar time malware was put in with out the person being conscious. Huntley famous that every time Google detects {that a} person has been the sufferer of a government-backed assault, it sends them a warning.

The weblog submit doesn’t point out who was affected by APT-31’s newest assaults, however stated there had been “increased attention on the threats posed by APTs in the context of the U.S. election.” Google shared its findings with the FBI.

Leave a Reply

Your email address will not be published. Required fields are marked *