U.S. probes malware email targeting trade talks with China: Report

U.S. authorities are investigating a bogus email purportedly from a Republican lawmaker that contained malware apparently aimed at giving China insights into the Trump administration’s trade talks with Beijing, the Wall Street Journal reported on Sunday.

The malware in the email that appeared to be sent by Representative John Moolenaar in July to U.S. trade groups, law firms and government agencies was traced by cyber analysts to a hacker group – APT41 – believed to be working for Chinese intelligence, the newspaper said.

Moolenaar, a harsh critic of Beijing, is the chairman of a congressional committee focused on strategic competition between China and the United States, including threats to U.S. national security.

The email was the latest alleged Beijing-linked hacking operation aimed at giving China insight into recommendations to the White House for contentious trade talks with China, said the Journal, quoting people familiar with the matter.

The Chinese embassy in Washington said it was not familiar with the details of the reported attack and that all countries face cyberattacks that are difficult to trace.

“China firmly opposes and combats all forms of cyber attacks and cyber crime,” it said in an emailed statement. “We also firmly oppose smearing others without solid evidence.”

The Journal said the first malware email was sent just before U.S.-China trade talks in Sweden that led to an extension of a truce on tariffs until early November, when U.S. President Donald Trump and Chinese leader Xi Jinping could meet at an Asian economic summit.

“Your insights are essential,” said the email that asked recipients to review proposed legislation attached to it.

Opening the draft legislation would have allowed the malware to give the hackers extensive access to the targeted groups, the newspaper said, adding that it could not be determined if the attacks had succeeded.

The newspaper said that the FBI and the U.S. Capitol Police were investigating the email.

It quoted an FBI spokeswoman as saying that the bureau was aware of the email and was “working with our partners to identify and pursue those responsible.” The Capitol Police declined to comment, it said.

In a statement to the Journal, Moolenaar called the attack another example of Chinese cyber operations aimed at stealing U.S. strategy. “We will not be intimidated,” he said.

The fake email came to light when staffers of Moolenaar’s committee started receiving puzzling inquiries about it, said the Journal, quoting people familiar with the matter.