Chinese hackers using fake McAfee software to trick users into installing virus, says Google

Hackers linked to the Chinese government trick people into installing malware by posing as the antivirus provider McAfee through real online services like GitHub and Dropbox. The move comes ahead of the US presidential election, scheduled for November 3.

Shane Huntley, the head of Google’s Threat Analysis Group, spoke in a blog post about the state-sponsored attacks known as the APT-31 attacks. “US government agencies have warned of various threat actors, and we’ve worked closely with those agencies and others in the tech industry to share leads and information about what we’re seeing in the ecosystem,” Huntley said.

Speaking of the recent APT-31-sponsored efforts, Huntley noted, “Every malicious portion of this attack was hosted on legitimate services, making it more difficult for defenders to rely on network signals for detection.” He went on to say that the hackers would send emails containing links that would download malicious code hosted on the open-source platform GitHub.

The malware is written in Python and would allow the attacker to upload and download files and run arbitrary commands through Dropbox’s cloud storage services.
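The detection problem Huntley describes, sketched as an added example (not from Google's post or this article): when every destination is a legitimate service, the hostname alone carries no signal, so the check below pairs each destination with the process that made the connection. The log format, host names, file names and allowlist are constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Real API/content hostnames of the two services named in the article.
SERVICES = {
    "api.dropboxapi.com": "dropbox",
    "content.dropboxapi.com": "dropbox",
    "raw.githubusercontent.com": "github",
    "objects.githubusercontent.com": "github",
}
# Assumption: programs expected to use each service here; tune per environment.
EXPECTED = {
    "dropbox": {"dropbox.exe", "chrome.exe", "msedge.exe", "firefox.exe"},
    "github": {"git.exe", "chrome.exe", "msedge.exe", "firefox.exe"},
}

# Constructed telemetry: time, host, process image, destination hostname.
SAMPLE = r"""2020-01-01T09:01:12Z,ws-014,C:\Program Files\Google\Chrome\Application\chrome.exe,raw.githubusercontent.com
2020-01-01T09:03:40Z,ws-014,C:\Program Files (x86)\Dropbox\Client\Dropbox.exe,api.dropboxapi.com
2020-01-01T09:10:05Z,ws-022,C:\Users\a\Downloads\updater.exe,raw.githubusercontent.com
2020-01-01T09:10:31Z,ws-022,C:\Users\a\Downloads\updater.exe,content.dropboxapi.com
2020-01-01T09:10:58Z,ws-022,C:\Users\a\Downloads\updater.exe,api.dropboxapi.com
2020-01-01T09:20:00Z,ws-031,C:\Python38\python.exe,api.dropboxapi.com
"""

def image_name(path):
    """Lower-cased file name of a Windows or POSIX process path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def find_unexpected_clients(log_text):
    """Map (host, process) -> services it reached without being on the allowlist."""
    hits = defaultdict(set)
    for row in csv.reader(io.StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        _ts, host, image, dest = row
        service = SERVICES.get(dest.strip().lower())
        if service and image_name(image) not in EXPECTED[service]:
            hits[(host, image_name(image))].add(service)
    return {key: sorted(services) for key, services in hits.items()}

def rank(hits):
    """Processes touching both code hosting and cloud storage sort first."""
    return sorted(hits.items(), key=lambda kv: (-len(kv[1]), kv[0]))
```

Image names are easy to spoof, so a production rule would match on code signer or full path rather than file name.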

Google noted previous attempts, in June, to hijack the email accounts of campaign executives for President Donald Trump and Democratic nominee Joe Biden; those attempts were successfully prevented.

Huntley did not specify whether the current hacking attempt was targeting the presidential candidates, but said these attempts have raised awareness of the threats from APTs in the context of the US election.

Huntley noted that in the event of a state-sponsored phishing attempt, the intended victim will receive a warning from Google explaining that a foreign government may be targeting them.

Google noted in a blog post that Chinese state-sponsored hackers trick people into installing malware by posing as the antivirus provider McAfee ahead of the US election.

News Highlights:

  • Shane Huntley, the head of Google’s Threat Analysis Group, spoke in a blog post about the state-sponsored phishing attacks known as the APT-31 attacks.
  • The hackers pose as the antivirus provider McAfee through real online services such as GitHub and Dropbox.
  • Huntley said these efforts have raised awareness of the threats from APTs in the context of the US election.