Phishing Attack On US Government Linked To Chinese Hackers

Uploaded on 2022-03-22 in TECHNOLOGY--Hackers, GOVERNMENT-National, FREE TO VIEW

Two separate Chinese state-sponsored Advanced Persistent Threat (APT) groups have been observed targeting victims, including US state governments, European diplomatic entities and Gmail accounts linked to the US government.

The first group, APT41, also known as Wicked Panda and Winti, is believed by researchers at Mandiant  to have successfully compromised at least six US state government networks. The APT did so by exploiting vulnerable Internet-facing web applications, including using zero-day  vulnerabilities in Apache Log4j.

Google’s Threat Analysis Group (TAG) alerted multiple Gmail users affiliated with the US government of an attempted phishing attack by a Chinese-backed hacking group, APT31, in February.  TAG warned “multiple” people that APT31 (also known as Judgment Panda and Zirconium) was after their sensitive information, and that the phishing attacks were successfully blocked in their email service.

According to TAG multiple Gmail users affiliated with the US government were alerted to an attempted phishing attack by a Chinese-backed hacking group noted as APT31 in February.

Fortunately for government officials, the attempted attack was unsuccessful as all of the emails containing phishing links were automatically marked as spam and filtered by Gmail. “Today, we sent those people who were targeted government backed attacker warnings,” Shane Huntley, Director of TAG said on Twitter... We don’t have any evidence to suggest that this campaign was related to the current war in Ukraine. In February, we detected an APT31 phishing campaign targeting high profile Gmail users affiliated with the US government. 100% of these emails were automatically classified as spam and blocked by Gmail.”

The attempted attack was unsuccessful as the emails were automatically marked as spam and filtered by Gmail.

There is no evidence that the hacking campaign was associated with the current war in Ukraine. When government sponsored hackers attempt to send a malicious email in Gmail, an alert warning them of a potential attack will be received. According to Google, less than 0.1% of account users will experience an attack.

Shane Huntley / Twitter:   Silicon Angle:      Oodaloop:   TechRepublic:     Techradar:   Newz9:    NewsUpateUK

You Might Also Read: 

China’s Dirty Secret - Intellectual Property Theft:

 

« Ukraine's 'IT Army' Risks Being Hijacked By Malware
Facebook Allows Calls for Violence Against Russian Leaders »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

Puppet

Puppet

Puppet is a leader in IT automation. Our software helps DevOps securely automate configuration and management of machines and the software running on them.

BackBox Software

BackBox Software

BackBox is a leading provider of solutions for automated backup and recovery software for security and network devices.

IABG

IABG

IABG offer independent, product-neutral consulting as well as technical and scientific services for the use of safety-relevant systems and technologies.

SAS Institute

SAS Institute

SAS is a leader in business analytics software and services providing solutions for a wide range of critical business areas including risk management, compliance and fraud prevention.

Signal Sciences

Signal Sciences

Signal Sciences Web Protection Platform (WPP) provides comprehensive threat protection and security visibility for web applications, microservices, and APIs on any platform.

Cyber Security Specialists

Cyber Security Specialists

Cyber Security Specialists Limited provide Security services across a wide range of markets, from multi-national Corporate Organisations and Government Agencies, through to smaller Businesses.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

GreyCampus

GreyCampus

GreyCampus is a leading provider of training for working professionals in the areas of Project Management, Big Data, Data Science, Service Management, Quality Management and Information Security.

Computer Network Defence (CND)

Computer Network Defence (CND)

Computer Network Defence (CND) are a Broad-Spectrum Cyber Security Consultancy and Recruitment Agency.

SIS Certifications (SIS CERT)

SIS Certifications (SIS CERT)

SIS Certifications is an ISO certification body serving more than 10,000 clients in over 15 countries worldwide.

Binary Defense

Binary Defense

Binary Defense protect businesses of all sizes through advanced cybersecurity solutions including Managed Detection and Response, Security Information and Event Management and Counterintelligence.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

Cloud4C

Cloud4C

Cloud4C is a leading automation-driven, application focused cloud Managed Services Provider.

Purple Team

Purple Team

Purple Team is an expert cybersecurity and managed security service provider focused on arming your IT infrastructure with both red team and blue team services.

Ultima

Ultima

Ultima are on a mission to help businesses unlock their true potential by using the right IT to protect your company’s revenue and reputation – 24/7.