TheUltraMods – The Best Tech and News

Chinese hackers using fake McAfee software to trick users into installing virus, says Google

Chinese government-related hackers are tricking people into installing malware by posing as the McAfee antivirus provider through authentic online services like GitHub and Dropbox. The move comes before the presidential election in the United States, scheduled for November 3.

Shane Huntley, the head of Google’s Threat Analysis Group, spoke in a blog post about the state-sponsored attacks known as APT-31 attacks. “US government agencies have warned about the different threat actors, and we’ve been working closely with those agencies and others in the tech industry to share contacts and information about what we’re seeing in the ecosystem,” Huntley said.

Speaking about recent APT-31-sponsored attempts, Huntley noted, “Every malicious part of this attack was hosted on legitimate services, making it more difficult for defenders to rely on network signals for detection,” Huntley said. Huntley further claimed that hackers will send email links that download malicious code hosted on the open source GitHub platform.

The malware was created using the Python processing language and would allow the attacker to upload and download files, as well as execute arbitrary commands via Dropbox’s cloud storage services

Google noted previous cases where attempts had been made to hijack campaign staff members’ email accounts with President Donald Trump and Democratic candidate Joe Biden in June, which it had successfully prevented.

Huntley did not specify whether the current hacking attempt was aimed at presidential candidates, but said these attempts have increased attention to threats posed by APTs in the context of the US election.

“US government agencies have warned about the different threat actors, and we’ve been working closely with those agencies and others in the tech industry to share contacts and information about what we’re seeing in the ecosystem,” Huntley said.

Huntley noted that in the event of a threat of a state-sponsored phishing scam, the targeted victim receives a warning from Google explaining that a foreign government may be targeting them.

Google noted in a blog post that Chinese state-sponsored hackers are tricking people into installing malware by posing as antivirus vendor McAfee ahead of the US election.

News Underline:

Exit mobile version