Chinese hackers targeting Biden and Trump are faking McAfee software: Google

WION Web Team Washington, United States Oct 18, 2020, 07.51 PM(IST)



Months before the US election, Democratic President-elect Joe Biden's election campaign was targeted by a group of Chinese hackers in a phishing attack.

A report by Google's Threat Analysis Group (TAG) has now claimed that the group of Chinese hackers behind the attack is faking McAfee antivirus software to reach its targets.

This group of hackers appears to be the same group that had earlier targeted the US President Donald Trump in an unsuccessful attack.


As per the report, the hackers from the Iranian attacker group (APT35) and the Chinese attacker group (APT31) send a prompt asking victims to install the antivirus software, while malware is silently installed on their systems.

Explaining how the group attacks the victims, Google's report stated, "The targets would be prompted to install a legitimate version of McAfee anti-virus software from GitHub, while malware was simultaneously silently installed to the system."

The tech giant claims that there has been an increase in such attacks during the pandemic, especially with the US elections a few weeks away.

However, Google also assured that as soon as these attacks are identified, the victim is informed on a priority basis. "When we detect that a user is the target of a government-backed attack, we send them a prominent warning. In these cases, we also shared our findings with the campaigns and the Federal Bureau of Investigation. This targeting is consistent with what others have subsequently reported."


The report also cautioned users to rethink their YouTube activity, explaining that Google's Trust and Safety teams terminated more than 3,000 YouTube channels. TAG claimed that it has tracked a large spam network — linked to China — that runs an influence operation, especially on YouTube, that targets existing accounts by "posting spammy content in Mandarin such as videos of animals, music, food, plants, sports, and games."

"Such videos frequently feature clumsy translations and computer-generated voices. Researchers at Graphika and FireEye have detailed how this network behaves—including its shift from posting content in Mandarin about issues related to Hong Kong and China’s response to COVID-19, to including a small subset of content in English and Mandarin about current events in the U.S. (such as protests around racial justice, the wildfires on the West Coast, and the U.S. response to COVID-19)," the report continued.