WASHINGTON (Reuters) – U.S. authorities are investigating a bogus email purportedly from a Republican lawmaker that contained malware apparently aimed at giving China insights into the Trump administration’s trade talks with Beijing, the Wall Street Journal reported on Sunday.

The malware in the email that appeared to be sent by Representative John Moolenaar in July to U.S. trade groups, law firms and government agencies was traced by cyber analysts to a hacker group – APT41 – believed to be working for Chinese intelligence, the newspaper said.

Moolenaar, a harsh critic of Beijing, is the chairman of a congressional committee focused on strategic competition between China and the United States, including threats to U.S. national security.

Advertisement Advertisement

Advertisement Advertisement

The email was the latest alleged Beijing-linked hacking operation aimed at giving China insight into recommendations to the White House for contentious trade talks with China, said the Journal, quoting people familiar with the matter.

The Chinese embassy in Washington said it was not familiar with the details of the reported attack and that all countries face cyberattacks that are difficult to trace.

“China firmly opposes and combats all forms of cyber attacks and cyber crime,” it said in an emailed statement. “We also firmly oppose smearing others without solid evidence.”

The Journal said the first malware email was sent just before U.S.-China trade talks in Sweden that led to an extension of a truce on tariffs until early November, when U.S. President Donald Trump and Chinese leader Xi Jinping could meet at an Asian economic summit.

Advertisement Advertisement

Advertisement Advertisement

“Your insights are essential,” said the email that asked recipients to review proposed legislation attached to it.

Opening the draft legislation would have allowed the malware to give the hackers extensive access to the targeted groups, the newspaper said, adding that it could not be determined if the attacks had succeeded.

The newspaper said that the FBI and the U.S. Capitol Police were investigating the email.

It quoted an FBI spokeswoman as saying that the bureau was aware of the email and was “working with our partners to identify and pursue those responsible.” The Capitol Police declined to comment, it said.

Advertisement Advertisement

Advertisement Advertisement

In a statement to the Journal, Moolenaar called the attack another example of Chinese cyber operations aimed at stealing U.S. strategy. “We will not be intimidated,” he said.

The fake email came to light when staffers of Moolenaar’s committee started receiving puzzling inquiries about it, said the Journal, quoting people familiar with the matter.

(Reporting by Jonathan Landay in Washington; Editing by Ross Colvin, Susan Heavey and Matthew Lewis)

UPDATING

A group of suspected Chinese hackers allegedly pretended to be a prominent member of Congress as a way to influence high-level trade negotiations between the U.S. and Beijing, according to a report from the Wall Street Journal.

The hackers allegedly created fake digital profiles and sent fraudulent emails impersonating the lawmaker.

The fake emails were sent to key players in the trade negotiations, including U.S. officials, business leaders, and trade policy experts.

U.S. intelligence agencies have long warned that state-backed hackers from China, Russia, and other countries continue to target U.S. public and private entities.

“This shows adversaries understand how much weight a single lawmaker’s voice can carry,” one congressional aide said in the report.

Authorities are still investigating whether any data was stolen during the operation.

Chinese hacking group “Salt Typhoon” may have stolen data from every single American, including US President Donald Trump and Vice President JD Vance, US officials said after concluding a year-long investigation.

Chinese hacking groups have targeted global power grids and companies in more than 80 countries in a year-long hacking assault. Salt Typhoon alone is alleged to have hacked into power grids and companies for decades, stealing intellectual property such as US chip designs.

Trump and Vance were targeted during their presidential campaigning last year. The report also noted that several high-profile Democrats were also evidently targeted.

Advertisement Advertisement

Advertisement Advertisement

US investigators said the attack goes much deeper than they initially predicted, revealing that the cyber assault was a result of a years-long coordinated effort.

The attack, carried out by Chinese state-sponsored hackers, targeted major telecommunications companies, retrieving data which security officials say could allow Beijing’s intelligence services to exploit global communication networks, track targets, including politicians, activists, dissidents and spies.

In a joint statement, involving several countries, including Germany, the UK, Italy, Finland and Spain, officials said the cyber criminals “are targeting networks globally, including, but not limited to, telecommunications, government, transportation, lodging, and military infrastructure networks.”

UK and US officials have described the attack as “unrestrained” and “indiscriminate” in an unprecedented statement, which also included the likes of Australia, Canada, Japan and South Korea as signatories.

Advertisement Advertisement

Advertisement Advertisement

“I can’t imagine any American was spared given the breadth of the campaign,” said Cynthia Kaiser, a former top official in the FBI’s cyber division, who was involved in the investigations into the hacking.

How dangerous is the hack?

The Salt Typhoon hack could pose a new threat from China, capable of testing its rivals, including the United States, and match their tech prowess, as the world’s second-largest economy looks to expand its dominance and mark its territory as a global giant.

Investigators linked the assault to a minimum of three Chinese tech firms that have been operating since at least 2019. The 38-page joint report and statement added that the cocktail of companies behind those attacks has a history of carrying out operations for the Chinese military and civilian intelligence agencies.

The cyberbreach aimed to give Chinese officials the capacity to “identify and track their targets’ communications and movements around the world.”

Advertisement Advertisement

Advertisement Advertisement

Attackers stole data from telecom and internet service companies, breaching over a half dozen in the US alone, exploiting old vulnerabilities in the networks, according to British officials.

London added that Beijing was able to listen to phone calls, read text messages, and access locally stored files on the devices of those who were targeted.

Related

The scale of this breach highlights China’s ever-growing ambitions for global influence across all fields, including defence and technology.

On Wednesday, China revealed to the world its latest weapons and defence technologies in a military parade in Beijing, attended by several world leaders, commemorating the 80th anniversary of Japan’s surrender in World War II.

Trump will visit the headquarters of the Federal Reserve tomorrow, according to a copy of his schedule released by the White House.

He will visit as two top aides, deputy chief of staff James Blair and Federal Housing Finance Agency Director William Pulte, said they planned a tour of the building’s renovation.

The renovation has become the source of controversy among Republicans and top officials in the Trump administration who have been relentlessly attacking Fed Chair Jerome Powell over the cost of the renovation, which they have called “ostentatious” and a “palace.”

Many on Wall Street have seen that attacks as a potential way to fire Powell “for cause,” which is the only way a president can legally remove a Fed official. Powell and the central bank have repeatedly said the cost is due in part to asbestos in the building, toxic soil below the site and an increase in raw materials.