Google Says Government Backed Hackers Are Impersonating McAfee
Google says that hackers have been impersonating antivirus software, McAfee, to infect victims’ machines with malware. The company also says that the group has links to the Chinese government.
The company believes that the group is the same one that unsuccessfully targeted the presidential campaign of former Vice President Joe Biden with a phishing attack earlier in 2020. Another unsuccessful attempt by a similar group of hackers based in Iran also targeted President Trump’s campaign.
Google refers to the group as APT 31 (Advanced Persistent Threat). The group work by emailing links to users with which they would unknowingly download malware hosted on GitHub.
– GitHub Reduces Subscription Prices, Offers Free Private Repositories For Unlimited Collaborators
– Here Is A Cybersecurity Show That You Can Join For Free
– How You Benefit From Google Users Safety And Security Protocols Update
Google says the recipient of the email would then be prompted to install a legitimate version of McAfee software from GitHub. Then, unknown to the user, the malware would be installed. According to Shane Huntley, head of Google’s Threat Analysis Group, whenever Google detects that a user has been compromised by a government-backed attack, it sends them a warning.
According to Huntley, their use of legitimate services like GitHub and Dropbox in hosting their malware also makes it more difficult to track them. “Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection,” Huntley said.
Google doesn’t mention who was the victim of APT-31’s latest attacks, however, it notes; “[there is] increased attention on the threats posed by APTs in the context of the U.S. election”. The company is also sharing its findings with the FBI.
For your daily dose of tech, lifestyle, and trending content, make sure to follow Plat4om on Twitter @Plat4omLive, on Instagram @Plat4om, on LinkedIn at Plat4om, and on Facebook at Plat4om. You can also email us at email@example.com and join our channel on Telegram at Plat4om. Finally, don’t forget to subscribe to our YouTube channel HERE.