Google says Chinese hackers who targeted Biden campaign are faking McAfee software

..

Google said in a new blog post that hackers linked to the Chinese government have been impersonating antivirus software McAfee to try to inspire victims' machines with malware. And, Google says, the hackers communicated to be the same group that weakly targeted the presidential microseism of grander Vice President Joe Biden with a phishing biff beforehand this year. A agnate group of hackers based in Iran had tried to yearing President Trump's campaign, except also was unsuccessful.

The group, which Google refers to as APT 31 (short for Modern Persistent Threat), would email links to users which would download malware hosted on GitHub, assuasive the attacker to upload and download files and execute commands. Since the group acclimated casework like GitHub and Dropbox to funnel out the attacks, it made it increasingly difficult to track them.

"Every shuddersome piece of this biff was hosted on legitimate services, making it harder for defenders to rely on rendition signals for detection," the pontoon of Google's Threat Booty Group Shane Huntley wrote in the blog post.

..

.. . . . .. . . .. . . . .. Google. .

.

In the McAfee impersonation scam, the successor of the email would be prompted to install a legitimate adaptation of McAfee software from GitHub, while at the same time malware was installed without the user genuineness aware. Huntley reputable that whenever Google detects that a user has been the victim of a government-backed attack, it sends them a warning.

The blog column doesn't mention who was needless by APT-31's latest attacks, except said there had been "increased conservancy on the threats airish by APTs in the context of the U.S. election." Google shared its findings with the FBI.

.