Google claims Chinese hackers tricking users into installing malware with fake McAfee software
2020-10-19The hackers who are linked with Chinese government are tricking people into installing malware by posing as the antivirus provider McAfee through genuine online services like GitHub and Dropbox. The move comes ahead of the presidential elections in the US which are slated for November 3.
In a blog, Shane Huntley, Head of Google’s Threat Analysis Group spoke about the state-sponsored attacks known as the APT-31 attacks. “US government agencies have warned about different threat actors, and we’ve worked closely with those agencies and others in the tech industry to share leads and intelligence about what we’re seeing across the ecosystem,” Huntley said.
Speaking about the recent APT-31 sponsored attempts Huntley noted, “Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection,” Huntley said. Huntley further said the hackers would send emailing links that would download malicious code hosted on the open-source platform GitHub.
The malware was built using Python computing language. It would allow the attacker to upload and download files as well as execute arbitrary commands through Dropbox’s cloud storage services.
Google noted that the earlier instances where attempts were made to hijack the email accounts of campaign staffers with President Donald Trump and Democratic nominee Joe Biden in June was successfully prevented by the comapny.
Huntley did not specify if the current hacking attempt was aimed at the presidential candidates but said these attempts have increased attention to the threats posed by APTs in the context of the US election.
“US government agencies have warned about different threat actors, and we’ve worked closely with those agencies and others in the tech industry to share leads and intelligence about what we’re seeing across the ecosystem,” Huntley said.
Huntley noted that in the event of the threat of a state-sponsored phishing scam, the targeted victim gets a warning from Google explaining that a foreign government may be targeting them.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.