Latest in Gear

Image credit: Bill Hinton Photography via Getty Images

Chinese hackers impersonated McAfee to attack election campaign staffers

Google also warned of a sharp spike in denial of service attacks.
Jon Fingas, @jonfingas
October 17, 2020
605 Shares
Share
Tweet
Share

Sponsored Links

Cybercriminal, hacker China flag background.
Bill Hinton Photography via Getty Images

Google warned in June that state-sponsored hackers were targeting 2020 US election campaigns, and now it’s outlining some of the methods those perpetrators used. APT31, a group linked to China, impersonated McAfee (the antivirus software, not its indicted founder) in a bid to trick campaign workers into installing malware. While the software was a real copy stored in GitHub, the ploy would quietly install malware in the background.

If successful, the attack would let intruders run arbitrary commands as well as transfer files.

Researchers further linked China to a large-scale spam network trying to influence the US through YouTube videos (some from hijacked channels) with “clumsy” translations and computer-generated voices. Google said it had disrupted the network, including the removal of more than 3,000 channels, and that it didn’t have any practical reach. There haven’t been any “significant” coordinated influence campaigns on its platforms that targeted US voters, Google said.

The company also pointed to North Korean groups trying to compromise COVID-19 researchers and pharmaceutical firms in September through phishing and malware.

Brute force attacks also played a role, Google added. They’re less common from state-backed groups, but Google pointed to a distributed denial of service attack in 2017 that illustrated the dangers. The tech pioneer had to absorb an attack using a whopping 2.5Tbps of bandwidth spread across several Chinese internet providers. DDoS attacks need a “coordinated response” from the internet, and Google promised to report those efforts when it’s reasonably confident they have state-based origins.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
605 Shares
Share
Tweet
Share

Popular on Engadget

RISC-V is trying to launch an open-hardware revolution

RISC-V is trying to launch an open-hardware revolution

View
'Spider-Man: Miles Morales' new suit moves like 'Into the Spider-Verse'

'Spider-Man: Miles Morales' new suit moves like 'Into the Spider-Verse'

View
Roborace engineer explains why a driverless racecar drove into a wall

Roborace engineer explains why a driverless racecar drove into a wall

View
Ford reveals how much its Active Driver Assist option will cost

Ford reveals how much its Active Driver Assist option will cost

View
The Rock's latest headphones are earbuds with bold battery claims

The Rock's latest headphones are earbuds with bold battery claims

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr