Chinese Hackers Cite Roy Moore in New Scheme
By Andrew Blake
The scandal surrounding embattled Alabama Senate candidate Roy Moore has provided fodder for foreign hackers attacking U.S. targets, cybersecurity firm FireEye said Monday.

A hacking group with ties to the Chinese government known as APT19 has been sending malicious emails to multinational, U.S.-based law firms referencing the Republican nominee, who is accused of sexual misconduct with teen girls years ago when he was in his 30s, FireEye analysts told CyberScoop.

Mr. Moore has denied any wrongdoing.

The messages were sent to at least three major law firms last week and contained the same subject line, according to FireEye: "FW: Roy Moore scandal ignites fundraising explosion for Democratic challenger Doug Jones."

The emails contained a malicious Microsoft Word document that could let hackers remotely access an infected computer if opened, the security firm said.

"It's difficult to say what they're after because the lures are so broadly written and we're stopping them at the perimeter, before they really get a chance to do much," FireEye analyst Ben Read told CyberScoop. "It's feasible that APT19 is looking to steal financial documents, including information about business mergers and acquisitions which could be worth a lot."

"Based on what we can observe, the targets are mostly the same every time (major U.S.-based law firms)," added fellow FireEye analyst Ian Ahl. "The emails all originate from an APT19-owned domain, but the sender username is often changed."

The emails referencing the upcoming Alabama race were the fourth wave of an APT19 operation already underway since at least June, according to CyberScoop.

The former state chief justice will face Democratic rival Doug Jones in a special election on Dec. 12.

The hackers previously sent similar emails to targets containing subject lines referencing incoming French President Emmanuel Macron, among other topics, the security firm said earlier. Recently, those emails referenced the likes of Mr. Moore, disgraced movie mogul Harvey Weinstein and 2016 Democratic presidential candidate Hillary Clinton, CyberScoop reported Monday.

The latest wave of emails targeted the same group of law firms that received malicious messages attributed to APT19 in June, October and November, according to CyberScoop.

FireEye has previously described APT19 as having "some degree of sponsorship by the Chinese government." APT is short for "advanced persistent threat," a label often applied to sophisticated, typically state-sponsored hacking outfits.

© 2018 Washington Times under contract with NewsEdge/Acquire Media. All rights reserved.

© Copyright 2018 NewsFactor Network. All rights reserved.