According to analysis by Google researchers, two hacking groups, APT31 and APT35, are using phishing against Joe Biden's and Donald Trump's campaign teams. The groups are, respectively, from China and Iran.
The groups have been trying to break into the teams' email accounts using malicious content. The discovery was made public on Twitter by Shane Huntley, director of Google's Threat Analysis Group (TAG).
According to him, there is no sign that the accounts have been compromised. A “governmental warning” has been sent to people whose email accounts may have been attacked.
According to Google, from January 2017 to the beginning of 2020, 1.8 million sites with the potential to be used for phishing scams were identified. Phishing deceives users with fake messages made to look like legitimate ones.
“If you’re working on a campaign in this election period, your personal accounts could be targeted [for phishing],” said Huntley. He stresses the use of “two-factor authentication” and notes that “advanced protection can really make a difference”.
A Google spokesman told TechCrunch that TAG “recently saw phishing attempts by a Chinese group targeting the personal email accounts of Biden’s campaign team, and an Iranian group targeting email accounts of the Trump campaign team.”
Although it found no evidence that the attempts were successful, Google, in addition to sending the alert, forwarded “information for federal law enforcement”.
“We knew from the start”
In a statement, a spokesman for Biden’s campaign said they were aware “of Google’s reports that an outside agent made unsuccessful attempts to access the campaign team’s personal email accounts.”
“We knew from the beginning of our campaign that we would be subject to these attacks, and we are prepared for them,” the statement says. It also stresses that the campaign “takes cybersecurity seriously” and that it will remain vigilant against threats of this kind.
A Trump spokesman told the website that the team is also aware that “outside agents have tried unsuccessfully to violate our team’s technology.”