Hackers target politicians with fake news website
Hackers created a fake news website to harvest data from Australian government officials, journalists and others, according to a top US security company.
The targets received emails claiming to be from Australian news outlets, which linked them to a malicious website.
Proofpoint said it had “high confidence” the hackers were aligned with the Chinese government.
“We take attribution very seriously,” Proofpoint threat research and detection vice-president Sherrod DeGrippo said.
“We specifically don’t release attribution unless we have high confidence.
“Essentially, a big part of our attribution capability comes from the fact that the United States Department of Justice agrees with the attribution and data that we have released.
“The reason that we have such high confidence in this particular attribution really goes back to the DoJ indictment, which mentions these defendants and specifically calls out the Proofpoint name identifier of ‘Leviathan’.”
Proofpoint said the hackers were part of a group of which four members had been charged by the US in 2021, when the UK’s National Cyber Security Centre said it was “almost certain” they were linked to the Chinese government.
It said the group was “a China-based, espionage-motivated threat actor that has been active since 2013, targeting a variety of organisations in response to political events in the Asia-Pacific region, with a focus on the South China Sea.”
Agencies
Comments are closed.