Spear-phishers change their bait to lure high-level feds

When the fish are biting, grab some more bait and throw your hook back into the water.

Attackers targeting high-level federal employees, military leaders and foreign leaders are luring their catches with an e-mail that purports to be from the Center for a New American Security (CNAS), a think tank that has sent a couple of its employees to senior positions in the Obama administration, writes Threatpost’s Paul Roberts.

The initial analysis points to China — again — which would mark the second elaborate phishing attack blamed on the country this summer, Roberts writes.

This new strategy follows a spear phishing attack that Google exposed in June and attributed to Chinese hackers. In that incident, the attackers gained access to officials’ Gmail accounts to monitor their e-mail messages and mess with users’ settings. The sneaky phishing campaign even infiltrated the account of a Cabinet-level official.

The latest phishing attack cashes in on CNAS’ good name with a subject line tied to the organization’s recent report on the detrimental effect of declining satellite capabilities, Roberts writes. Researcher Mila Parkour reported the phishing campaign on the “Contagio” blog and notified Google, Roberts adds.

About the Author

Connect with the GCN staff on Twitter @GCNtech.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.