Business Today

Chinese hackers using fake McAfee software to trick users into installing virus, says Google

Google noted in a blog post that Chinese state-sponsored hackers are tricking people into installing malware by posing as the antivirus provider McAfee ahead of the US elections.

India Today Tech | October 17, 2020 | Updated 16:35 IST
Shane Huntley, the head of Google’s Threat Analysis Group, in a blog post spoke about the state-sponsored attacks known as the APT-31 attacks ahead of US elections. (Picture: Reuters)

Highlights

  • Shane Huntley, the head of Google’s Threat Analysis Group, in a blog post spoke about the state-sponsored phishing attacks known as the APT-31 attacks.
  • The hackers pose as the antivirus provider McAfee through genuine online services like GitHub and Dropbox.
  • Huntley said these attempts have increased attention to the threats posed by APTs in the context of the US election.

Chinese government-linked hackers are tricking people into installing malware by posing as the antivirus provider McAfee through genuine online services like GitHub and Dropbox. The move comes ahead of the presidential elections in the US which are slated for November 3.

Shane Huntley, the head of Google's Threat Analysis Group, in a blog post spoke about the state-sponsored attacks known as the APT-31 attacks. "US government agencies have warned about different threat actors, and we've worked closely with those agencies and others in the tech industry to share leads and intelligence about what we're seeing across the ecosystem," Huntley said.

Speaking about the recent APT-31 attempts, Huntley noted, "Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection." He further said the hackers would email links that would download malicious code hosted on the open-source platform GitHub.

The malware was built using the Python programming language and would allow the attacker to upload and download files as well as execute arbitrary commands through Dropbox's cloud storage services.

Google noted previous instances in June where attempts were made to hijack the email accounts of campaign staffers with President Donald Trump and Democratic nominee Joe Biden, which it had successfully prevented.

Huntley did not specify if the current hacking attempt was aimed at the presidential candidates but said these attempts have increased attention to the threats posed by APTs in the context of the US election.

Huntley noted that in the event of the threat of a state-sponsored phishing scam, the targeted victim gets a warning from Google explaining that a foreign government may be targeting them.

