Now on Demand: Zero Trust Strategies Summit - Access All Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Nation-State

DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military

Chinese national Song Wu allegedly sent spear-phishing emails to NASA, Air Force, Navy, Army, and FAA employees.

The US on Monday announced charges against a Chinese national who allegedly sent spear-phishing emails to government employees in an effort to obtain restricted software.

The individual, Song Wu, 39, who remains at large, allegedly created email accounts posing as US-based researchers and engineers, and used them to send spear-phishing messages to NASA, Air Force, Navy, Army, and FAA employees.

According to the indictment (PDF), Song also targeted individuals working at major research universities across the US, as well as employees at private companies in the aerospace sector.

The fraudulent emails, seemingly coming from associates, colleagues, friends, or other individuals in the industry, requested that the recipients shared source code or software they were believed to have access to.

Song was allegedly seeking to obtain access to “specialized restricted or proprietary software used for aerospace engineering and computational fluid dynamics,” including software and source code created by NASA, the Department of Justice says.

While engaging in the spear-phishing campaign, Song was an employee of the Aviation Industry Corporation of China (AVIC), a state-owned aerospace and defense conglomerate headquartered in Beijing, China, which makes civilian and military aircrafts.

According to the indictment, Song engaged in the spear-phishing campaign between 2017 and 2021, aided and abetted by other, unknown individuals. He was charged with wire fraud and aggravated identity theft and faces up to 20 years in prison.

On Monday, the DoJ also unsealed a 2021 indictment (PDF) alleging that Jia Wei, a Chinese national, operating on behalf of China’s People’s Liberation Army, hacked into a US communication company’s network to steal proprietary information.

Advertisement. Scroll to continue reading.

The DoJ also announced charges against Denis Postovoy, a Russian national living in the US, for illicitly exporting to Russia microelectronic components that can be used in unmanned aerial vehicles (UAVs) or drones.

Samer Bhambhani, a Massachusetts resident, and Maksim Teslenko, a Russian national, were charged with conspiring to export laser welding machines to Russia.

Gholam Reza Goodarzi, also known as Ron Goodarzi, was charged with smuggling UAV components to Iran, while Jeffrey Chance Nader was charged with conspiracy to procure and export aircraft components to Iran.

Related: Indian APT Targeting Mediterranean Ports and Maritime Facilities

Related: New Threat Actor ‘AeroBlade’ Targeted US Aerospace Firm in Espionage Campaign

Related: Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

Related: New PowerShell Backdoor Poses as Part of Windows Update Process

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.