Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

State-sponsored hackers target US government employees with fast food bait amid fog of coronavirus

Thousands of hacked accounts leak online from Wuhan Institute of Virology, World Health Organisation, the Centres for Disease Control, and the Bill & Melinda Gates Foundation

Justin Vallejo
New York
Thursday 23 April 2020 01:30 BST
Comments
World Health Organisation provides update on the ongoing Covid-19 pandemic

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

More than a dozen hacker groups backed by foreign governments have targeted US employees with phishing and malware attacks under the cover of the coronavirus pandemic, according to Google security data.

Google's Threat Analysis Group said on Wednesday the state-sponsored campaigns to target US government employees with offers of free fast food were among the 18 million attempted scam messages per day related to Covid-19.

Meanwhile, nearly 25,000 email addresses and passwords belonging to the Wuhan Institute of Virology, the World Health Organisation, the Centse for Disease Control, the National Institutes of Health, and the Bill & Melinda Gates Foundation were leaked online late on Wednesday, according to the SITE Intelligence Group.

SITE Intelligence Group Director Rita Katz said on a Twitter thread that the hacked emails were posted to message group 4chan by right-wing extremists.

The findings come as the Department of Justice on Wednesday notified domain hosts about hundreds of websites that were attempting to exploit coronavirus fears to scam or compromise network security; with the FBI reporting a 260 per cent increase in daily scams.

Google did not specify which foreign governments were behind the recent attacks against US employees. But their team found separate Covid-19 threats targeting health organisations in a manner consistent with the groups Charming Kitten and Packrat, which corroborated recent reports of Iranian influence in attacks against the World Health Organisation.

In publishing the findings of the state-sponsored campaigns it had been tracking, the head of Google's Threat Analysis Group, Shane Huntley, said hackers targeted the personal email accounts of US government workers.

"Some messages offered free meals and coupons in response to COVID-19, others suggested recipients visit sites disguised as online ordering and delivery options," Mr Huntley said.

"We're not aware of any user having their account compromised by this campaign, but as usual, we notify all targeted users with a 'government-backed attacker' warning."

Mr Huntley said they were seeing the change in tactics by government-backed groups as hackers experienced productivity lags and issues due to the global lockdowns and quarantine efforts.

Google has begun adding extra security protections for more than 50,000 high-risk accounts belonging to public health organisations and agencies becoming new targets as a result of Covid-19.

The FBI's Internet Crime Complaint Centre received 3,600 complaints a day, up from an average 1,000 per day before the pandemic, with scam websites posing as organisations like the American Red Cross offering coronavirus cures and vaccines in an attempt to instal malware.

To disrupt the malicious websites, the FBI and Department of Justice are coordinating with the Secret Service, Food and Drug Administration and Postal Inspection Service.

"Keeping pace with the growing threat of cyber-enabled COVID-19 scams requires an alliance between the private sector and our law enforcement partners to safeguard our Nation from this sort of nefarious conduct," said US Secret Service Director James M Murray.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in