If you try to read the blockbuster report that exposed China’s alleged state-sponsored hacking operation against the U.S., you might end up riddled with malware youself.
The APT1 report, issued Tuesday by American cybersecurity consulting firm Mandiant, drew widespread attention for its bold conclusion that a high percentage of cyber attacks come from a single Chinese army building. It quickly dominated the news cycle, and was promptly hailed by politicians as evidence that we need more laws to protect us from Chinese hackers.
Perhaps capitalizing on APT1’s newfound popularity, someone’s sending out spam emails with the report seemingly attached—but the attachment is in actuality a trojan virus. According to antivirus software maker Symantec:
Symantec has discovered someone performing targeted attacks is using the report as bait in an attempt to infect those who might be interested in reading it. The email we have come across is in Japanese, but this does not mean there are no emails in other languages spreading in the wild.
[…]like in many targeted attacks, the email is sent from a free email account and the content of the email uses subpar language. It is obvious to a typical Japanese person reading the email that it was not written by a native speaker.
Symantec notes that, considering the irony of using an alleged report on hacking to hack unsuspecting users, the malware could have been created as a prank.
If you do want to read the read the 60-page (74 if you count the appendixes) report—and it’s quite readable, even if you’re not a cybersecurity geek—you certainly can do so. Just be sure to download it from Mandiant’s website, rather than from an unsolicited email.
Photo by José Goulão