Particle.news
Download on the App Store
6 ARTICLES
·
last wk.

FBI Confirms Probe of Malware Emails Impersonating Rep. John Moolenaar, Linked to APT41

Investigators are examining a spear-phishing scheme that sent a booby-trapped draft sanctions bill during U.S.-China trade talks.

Image
Image
Lit only by a small task-light in a dark room Joe Stewart works in front of five monitors with multiple windows one each at his Dell SecureWorks office in Myrtle Beach, South Carolina, U.S., Friday, Jan. 18, 2013. Stewart has been working mapping the digital weapons and organizations behind China's vast cyber espionage effort against US and European corporations. Photographer: Stephen Morton/Bloomberg
Image

Overview

  • Emails posing as messages from Rep. John Moolenaar were sent in July to his committee staff, trade groups, law firms, and U.S. government agencies.
  • The messages originated from a nongovernment address and attached a draft China sanctions bill that contained spyware.
  • Forensic analysis tied the malware to APT41, a hacking group researchers associate with China’s Ministry of State Security.
  • The FBI said it is working with partners to identify and pursue those responsible, and U.S. Capitol Police are participating in the investigation.
  • Authorities have not confirmed any successful breaches, and Moolenaar condemned the operation as an effort to steal U.S. strategy.