Spear-phishers change their bait to lure high-level feds

When the fish are biting, grab some more bait and throw your hook back into the water.

Attackers targeting high-level federal employees, military leaders and foreign leaders are luring their catches with an e-mail that purports to be from the Center for a New American Security (CNAS), a think tank that has sent a couple of its employees to senior positions in the Obama administration, writes Threatpost’s Paul Roberts.

The initial analysis points to China — again — which would mark the second elaborate phishing attack blamed on the country this summer, Roberts writes.

This new strategy follows a spear phishing attack that Google exposed in June and attributed to Chinese hackers. In that incident, the attackers gained access to officials’ Gmail accounts to monitor their e-mail messages and mess with users’ settings. The sneaky phishing campaign even infiltrated the account of a Cabinet-level official.

The latest phishing attack cashes in on CNAS’ good name with a subject line tied to the organization’s recent report on the detrimental effect of declining satellite capabilities, Roberts writes. Researcher Mila Parkour reported the phishing campaign on the “Contagio” blog and notified Google, Roberts adds.

About the Author

Connect with the GCN staff on Twitter @GCNtech.


  • automated processes (Nikolay Klimenko/Shutterstock.com)

    How the Army’s DORA bot cuts manual work for contracting professionals

    Thanks to robotic process automation, the time it takes Army contracting professionals to determine whether prospective vendors should receive a contract has been cut from an hour to just five minutes.

  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

Stay Connected