US Lawmaker Impersonated in Cyber Campaign, Suspects Chinese Hackers
US Lawmaker Impersonated in Cyber Campaign, Suspects Chinese Hackers - ‘This is another example of China’s offensive cyber operations designed to steal American strategy and leverage it against Congress,’ Rep. John Moolenaar says.
Udumbara
.
Rep. John Moolenaar (R-Mich.) said on Sept. 8 that malicious cyberactors have impersonated him in correspondence with trusted connections in recent weeks, suspecting Chinese state-backed cyberactors targeting sensitive information, as the timing overlaps with U.S.–China trade talks.
Moolenaar is the chair of the House Select Committee on the Chinese Communist Party, which conducts investigations and hearings and issues reports on the threat posed by the Chinese regime.
According to the committee, several emails were sent from Moolenaar’s address to certain contacts that included files which, if opened, would have granted the cyberactors access to the recipients’ systems, in what is known as a phishing campaign.
“This is another example of China’s offensive cyber operations designed to steal American strategy and leverage it against Congress, the Administration, and the American people,” Moolenaar said in a statement. “We will not be intimidated, and we will continue our work to keep America safe.”
The lawmaker noted that this incident comes at a time when high-level talks between the United States and China are ongoing, stating that it may have been part of a campaign aimed at “influencing U.S. policy deliberations and negotiation strategies to gain an advantage in trade and foreign policy.”
“These campaigns seek to compromise organizations and individuals involved in U.S.–China trade policy and diplomacy, including U.S. government agencies, U.S. business organizations, D.C. law firms and think tanks, and at least one foreign government,” a committee statement said.
The committee saw a similar campaign in January, when senior staff members working on a confidential investigation into Chinese state-owned port machinery company Shanghai Zhenhua Heavy Industries Company Limited (ZPMC) were targets of a phishing campaign. Malicious cyberactors posed as a representative from ZPMC North America to try to get the staffers to go to a page designed to steal Microsoft 365 credentials.
The committee has released reports warning that the predominance of Chinese-made ship-to-shore cranes at U.S. ports poses a major cybersecurity risk.
The committee noted that cyberagencies have already warned about years-long, mass cyberespionage campaigns sponsored by the Chinese Communist Party (CCP), and this may be just the latest attempt.
The United States, along with a dozen allies, recently released the most comprehensive report on the CCP-backed cyber campaign most commonly known as Salt Typhoon.
The cyberagencies unmasked three Chinese companies behind the campaign that last year breached at least eight major U.S. telecom companies. U.S. officials confirmed the hack months after The Wall Street Journal broke the news in 2024, but the report suggests the scope is much greater than previously understood.
The August report reveals that telecommunications networks, including internet service providers, were hacked alongside the lodging and transportation sectors, giving the hackers the ability to track their targets’ movements and communications around the world.
The committee has reported the campaign to the FBI, which has not yet publicly confirmed whether the campaign originated from China.
In response to an inquiry from The Epoch Times, the FBI stated, “While we are not commenting on any specific information, the FBI is aware of the situation, and we are working with our partners to identify and pursue those responsible.”
.
