Search engine Google stated that a group of Chinese hackers attacked candidate Joe Biden as the US elections approached. Chinese hackers are trying to encourage users to install infected software by imitating the antivirus program McAfee.
Chinese hackers are now using McAfee
In a blog post shared by Google, it was alleged that the hackers found to be affiliated with the Chinese government impersonated the antivirus software McAfee to try to infect victims’ systems with malware. In addition, Google stated that the hackers in question were the team in the attack on Biden earlier this year, and that another Iran-based group targeted Trump’s campaign. Both attacks failed to achieve their intended purpose.
The group, called APT31, sends links via e-mail to users who download malware built with code on the GitHub platform. Systems such as GitHub and Dropbox used by the group make it very difficult to follow. The recipient of the e-mail is asked to install McAfee software, and the victim adds the malware to his system alongside the application, unnoticed.
“Each step of these attacks is hardened with legitimate services, making it easier for defense systems to trust,” said Shane Huntley, head of Google’s Threat Analysis Group, in a blog post. Huntley also highlighted that a Google user sends them a warning when they become a victim of the attack.
While it was not disclosed in the blog post how many people were affected by the attack, it was stated that all findings were shared with the FBI.