The same Chinese government-linked hackers who targeted the campaigns of both 2020 presidential candidates
“The targets would be prompted to install a legitimate version of McAfee anti-virus software from GitHub, while malware was simultaneously silently installed to the system.”
Google did not specify which organizations or individuals were targeted in these latest APT 31-sponsored attacks or whether they affected either candidate’s political campaign. The tech giant only said that it had seen “increased attention on the threats posed by APTs in the context of the U.S. election” and shared these latest findings with the Federal Bureau of Investigation.
“U.S government agencies have warned about different threat actors, and we’ve worked closely with those agencies and others in the tech industry to share leads and intelligence about what we’re seeing across the ecosystem,” Huntley said.
He added that in the event that Google’s anti-phishing safeguards detect a government-backed attack, the company sends the intended victim a warning explaining that a foreign government may be targeting them.
Google isn’t the only tech giant seeing an increase in cyberattacks ahead of the election. In September, Microsoft reported that Chinese, Russian, and Iranian government-backed hackers had launched similarly unsuccessful attacks on high-profile individuals associated with both the Trump and Biden campaigns. Last week, the FBI and U.S. Cybersecurity and Infrastructure Security Agency also released details about campaigns by foreign government-linked hackers to exploit federal, state, and local government networks.
Copyright © 2020 Ranzware IS Co