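This looks a bit like something an ordinary telecom-fraud operation could pull off.
Attack method: hackers impersonated U.S. Rep. John Moolenaar and used spoofed email to send files containing malware to trade groups, law firms and government agencies.
Goal: steal strategic information related to the U.S.-China trade negotiations, especially the outside advice the Trump administration received ahead of the talks.
Technique: spyware embedded in the email; if a recipient opens the attachment, the hackers can burrow deep into the target's systems.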
As the Trump administration’s contentious trade talks with China were set to begin in Sweden last July, staffers on the House committee focused on U.S. competition with China began to get puzzling inquiries, according to people familiar with the matter.
Several trade groups, law firms and U.S. government agencies had all received an email appearing to be from the committee’s chairman, Rep. John Moolenaar (R., Mich.), asking for input on proposed sanctions with which the legislators were planning to target Beijing.
“Your insights are essential,” the email read, asking the groups to review a draft of the legislation attached to the message. But why had the chairman sent the message from a nongovernment address?
It turned out to be the latest in a series of alleged cyber espionage campaigns linked to Beijing, people familiar with the matter said, timed to potentially deploy spyware against organizations giving input on President Trump’s trade negotiations.
The FBI and the Capitol Police are investigating the Moolenaar emails, and cyber analysts traced the embedded malware to a hacker group known as APT41—believed to be a contractor for Beijing’s Ministry of State Security.
U.S. and Chinese officials met in late July in Stockholm—just days after the first email was sent—to pursue the type of high-stakes negotiations that spies in both countries were likely eager to obtain an advantage in.
The two countries soon after agreed to extend a tariff truce until early November, when Trump and Xi could meet at an Asian economic summit.
The hacking campaign appeared to be aimed at giving Chinese officials an inside look at the recommendations Trump was receiving from outside groups. It couldn’t be determined whether the attackers had successfully breached any of the targets.
A Federal Bureau of Investigation spokeswoman declined to provide details but said the bureau was aware of the incident and was “working with our partners to identify and pursue those responsible.” The Capitol Police declined to comment.
In a statement, Moolenaar said the effort was another example of China’s offensive cyber operations designed to steal American strategy and leverage it. “We will not be intimidated,” he said.
Chinese officials have disputed U.S. hacking allegations, saying such claims are intended to distract from Washington’s own aggressive actions.
The Chinese Embassy said the country opposes and combats cyberattacks, adding “we also firmly oppose smearing others without solid evidence.”
The alleged campaign comes as U.S. law-enforcement officials have been surprised by the prolific and creative nature of China’s spying efforts. The FBI revealed last month that a Beijing-linked espionage campaign that hit U.S. telecom companies and swept up Trump’s phone calls actually targeted more than 80 countries and reached across the globe.
China’s potential use of Moolenaar as a lure was particularly galling for the committee staffers given that the lawmaker has been a harsh critic of Beijing. China’s leadership “approaches the United States as an enemy to be harmed rather than as a partner,” he said in January.
The cybersecurity firm Mandiant determined the spyware would allow the hackers to burrow deep into the targeted organizations if any of the recipients had opened the purported draft legislation, according to documents reviewed by The Wall Street Journal.
The Moolenaar impersonation comes as several administration officials have recently faced impostors of their own. The State Department warned diplomats around the world in July that an impostor was using AI to imitate Secretary of State Marco Rubio’s voice in messages sent to foreign officials.
The identity of either impostor remains unknown. The FBI issued a warning that month that “malicious actors have impersonated senior U.S. officials” targeting contacts with AI-generated voice messages and texts.
Another alleged impersonation-based hacking attempt also targeted the China committee. In January, staffers on the committee received emails falsely claiming to be from the CEO of Chinese crane manufacturer ZPMC, according to people familiar with the episode.
Last year, Moolenaar’s committee published a 50-page report alleging that Beijing could remotely seize control of ZPMC cranes at U.S. ports allowing it to spy on American trade flow or disrupt the movement of goods.
The hacking group linked to the Moolenaar emails is known by the FBI as one of China’s most prolific, pulling off a wave of attacks against Washington. It has also allegedly kept up a lucrative side job of crime.
In 2020, authorities charged alleged members of the group with stealing digital videogame money as it scooped up trade secrets and user data for Beijing.
Dakota Cary, an analyst at SentinelOne, a cybersecurity research company that has closely tracked the group, likened China’s use of APT41 to shopping at Costco, saying the hackers were known for high-volume efforts that get the job done but aren’t particularly high end.
“They were just everywhere,” he said.
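The tell the recipients noticed, a message bearing the chairman's name but sent from a nongovernment address and carrying an attachment, can be checked automatically at a mail gateway. The following is an added example, not code from the article or from any investigator; the protected-name list, the allowed domain `house.gov`, and every address and file name in the samples are assumptions constructed for illustration.

```python
from email import message_from_string
from email.message import EmailMessage
from email.utils import parseaddr

# Assumption: the names worth protecting and the domains their real mail uses.
PROTECTED = {"john moolenaar": ("house.gov",)}
HONORIFICS = {"rep.", "rep", "representative", "chairman", "congressman", "hon."}


def normalize_name(display_name):
    """Lowercase and drop honorifics so 'Rep. John Moolenaar' still matches."""
    words = display_name.lower().replace(",", " ").split()
    return " ".join(w for w in words if w not in HONORIFICS)


def on_allowed_domain(domain, allowed):
    """True for an allowed domain or any subdomain of it."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def check_message(raw):
    """Return findings for one raw RFC 5322 message (empty list = nothing flagged)."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    allowed = PROTECTED.get(normalize_name(display))
    if allowed is None or on_allowed_domain(domain, allowed):
        return []
    findings = [f"protected name {display!r} sent from outside domain {domain!r}"]
    attachments = [p.get_filename() for p in msg.walk() if p.get_filename()]
    if attachments:
        findings.append(f"carries attachment(s) {attachments}: hold for sandboxing")
    return findings


def sample(from_header, attach=True):
    """Build a constructed test message; addresses and file name are invented."""
    m = EmailMessage()
    m["From"] = from_header
    m["Subject"] = "Input requested on draft legislation"
    m.set_content("Your insights are essential.")
    if attach:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype="octet-stream", filename="draft.bin")
    return m.as_string()


if __name__ == "__main__":
    for sender in ('"Rep. John Moolenaar" <jm.office@example.com>',
                   '"Rep. John Moolenaar" <chairman@mail.house.gov>',
                   '"Trade Desk" <news@example.org>'):
        print(sender, "->", check_message(sample(sender)))
```

A matching From domain is not proof of origin, since that header can itself be forged; this check complements SPF, DKIM and DMARC evaluation rather than replacing it.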