Hackers posed as McAfee staff to trick users into installing malware | HT Tech

Hackers posed as McAfee staff to trick users into installing malware

According to Google, hackers backed by the Chinese government posed as authentic service providers like McAfee and GitHub to trick users into installing malware.

By: HT TECH
| Updated on: Oct 21 2020, 11:28 IST
Google said that these hackers would prompt users to install a legitimate version of the McAfee software from GitHub and on the side the malware was surreptitiously installed into the system.
Google said that these hackers would prompt users to install a legitimate version of the McAfee software from GitHub and on the side the malware was surreptitiously installed into the system. (Pixabay)

According to a Google blog post, Chinese government-backed hackers pretended to be staff from cybersecurity provider McAfee and tricked users into installing malware on their devices.

Google said that these hackers would prompt users to install a legitimate version of the McAfee software from GitHub and on the side the malware was surreptitiously installed into the system.

You may be interested in

MobilesTablets Laptops
25% OFF
Google Pixel 128GB
  • Black
  • 4 GB RAM
  • 128 GB Storage
37% OFF
Google Pixel 7 Pro 5G
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
7% OFF
Google Pixel 7A
  • Charcoal
  • 8 GB RAM
  • 128 GB Storage
7% OFF
Google Pixel 7 5G
  • Obsidian
  • 8 GB RAM
  • 128 GB Storage

Google's Threat Analysis Group (TAG) that works on preventing cyber attacks identified the activity and instantly sent out a prominent warning. Google also said that the findings were shared with the Federal Bureau of Investigation (FBI).

Also read
Looking for a smartphone? To check mobile finder click here.

Also Read: Microsoft is impersonated the most by hackers for phishing emails

This particular threat comes just ahead of the US elections and threats like these have gradually been increasing over the months. Google sent out 10,316 warnings about government-backed attacks over July to September, the blog stated.

In June this year, Google said that it had spotted phishing attacks targeted against personal email accounts of staffers on the Joe Biden and Donald Trump campaigns from Chinese and Iranian Advanced Persistent Threats (APT). These groups targeted campaign staffers' personal emails with phishing emails and emails containing tracking links.

The blog mentions another Chinese malware campaign that was based on emailing links that would download malware hosted on GitHub. The malware that was downloaded was a Python-based implant using Dropbox, the file sharing service, for command and control. The malware would allow the hacker to upload and download files as well as execute arbitrary commands, Google said.

Google added that these malicious attacks were hosted on legitimate services thus making it harder for defenders to rely on network signals for detection.

Also Read: Microsoft believes Russian hackers 'Fancy Bear' targeted Biden campaign firm

In September, Microsoft also pointed out that the spike in cyberattacks targeting people and organisations involved in the US Presidential elections.

Microsoft stated that the Russsian cyber hacking group Strontium attacked more than 200 organisations including politcal campaigns, parties, political consultants and advocacy groups.

As per reports, other cyber spying groups like Zirconium and Phosphorus, operating from China and Iran, have attacked high-profile users associated with the ongoing elections.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 21 Oct, 11:28 IST
NEXT ARTICLE BEGINS