HomesecurityHackers disguise themselves as McAfee staff and deceive users

Hackers disguise themselves as McAfee staff and deceive users

According to Google, hackers backed by the Chinese government, were disguised as McAfee employees to trick users into installing malware.


Intruders urged users to install a legitimate version of McAfee antivirus software from GitHubWhile malware installed secretly in their system.

Η Threat Analysis Group Google was the one that spotted the malicious activity and sent a warning.

The findings were also reported to FBI, said Google.

Security threats come shortly before the US election, and are becoming more and more over time. Google sent 10.316 warnings about "government-backed attacks" in the July-September 2020 quarter.

In June, Google said it had located attacks phishing against personal e-mail accounts belonging to Biden and campaign staff Trump by Chinese and Iranian hacking groups (APT).

These groups target the personal emails of employees of a campaign with phishing attacks and emails that contain tracking links.

RANSOMWARE ATTACK-Mississippi school district

Another Chinese campaign also relied on email links to install malware hosted on GitHub. The malware was an implant based on Python using the Dropbox file sharing service for command and control. It would allow the attacker to upload and download files as well as execute arbitrary commands.

Every malicious part of the attack was hosted on legitimate services, making it easier to avoid detection, according to Google.

Russia's Strontium group has attacked more than 200 organizations, including political campaigns, defense groups, parties and political advisers, Microsoft products.

Other cyber-espionage groups such as Zirconium and Phosphorus, which operate in China and Iran respectively, have attacked high-profile election-related users.

Absent Mia
Being your self, in a world that constantly tries to change you, is your greatest achievement