Google said in a new blog post that hackers coupled to the Chinese government have been impersonating antivirus software McAfee to try to taint victims' machines with malware. And, Google says, the hackers appear to be the same group that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing fire originally this twelvemonth. A replaceable group of hackers based in Persia had tested to target President Trump's campaign, but also was unsuccessful.
The mathematical group, which Google refers to as APT 31 (short for Advanced Persistent Threat), would email links to users which would download malware hosted on GitHub, allowing the attacker to upload and download files and execute commands. Since the group utilised services like GitHub and Dropbox to carry out the attacks, it made it more difficult to track them.
"Every malicious spell of this set on was hosted on legitimate services, devising it harder for defenders to rely on network signals for detection," the head of Google's Threat Analysis Group Shane Huntley wrote in the blog stake.
:format(webp):no_upscale()/cdn.vox-cdn.com/uploads/chorus_asset/file/21968881/mcafee_attack.png)
In the McAfee imitation scam, the recipient of the email would be prompted to install a legitimate adaptation of McAfee software from GitHub, while simultaneously malware was installed without the user organism sensible. Huntley celebrated that whenever Google detects that a user has been the victim of a government-backed attack, IT sends them a admonition.
The web log post doesn't mention who was subject by Likely-31's latest attacks, but aforesaid in that location had been "increased attention on the threats posed away APTs in the context of the U.S. election." Google divided up its findings with the FBI.
Google says Chinese hackers who targeted Biden campaign are faking McAfee software
Source: https://www.theverge.com/2020/10/17/21520799/google-chinese-hackers-biden-campaign-mcafee-malware
