Biden Campaign Staffers Targeted in Cyberattack Leveraging Antivirus Lure, Dropbox Ploy
According to Google’s Threat Analysis Group, Joe Biden’s presidential campaign has been the target of credential phishing and malware attacks as hackers send campaign staffers malicious emails impersonating McAfee, an antivirus software provider. The sophisticated attacks used a mix of legitimate services and malicious links in an attempt to stead staffers’ credentials as well as infect their devices with malware.
Thankfully, the attacks were unsuccessful and were first discovered and disclosed in June, alongside cyberattacks also affecting Donald Trump’s campaign. However, Google’s Threat Analysis Group released detailed information about the tactics used in the attacks in a report released last Friday. The campaign utilized malicious email-based links that redirected staffers to downloading malware hosted on GitHub, known to be a python-based implant leveraging Dropbox for command and control. This allowed attackers to remotely upload and download files, as well as execute arbitrary commands on the staffers’ devices.