Chinese national accused by US of NASA and military spear-phishing campaign

A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system

(Image credit: weerapatkiatdumrong / Getty Images)

The US Department of Justice (DoJ) accused a Chinese national, named Song Wu, of stealing sensitive information and proprietary software from NASA and other high-profile government and private organizations in the United States.

In a press release published on the DoJ website, the organization noted Wu was working at the Aviation Industry Corporation of China (AVIC) as an engineer. AVIC is the country’s aerospace and defense conglomerate.

While employed at AVIC, between 2017 and 2021, he was sending phishing emails to people working at NASA, the Air Force, Navy, and Army, the Federal Aviation Administration, as well as people working at universities in Georgia, Michigan, Massachusetts, Pennsylvania, Indiana, and Ohio.

Successful phishing

In these emails, he was impersonating other people working at these organizations, casually asking for things such as source code, proprietary software, and similar. The software is used in aerospace engineering, missile and weapons development, and more.

One of the emails, showcased in the indictment, read: "Hi [Victim 2], I sent Stephen an email for a copy of NASCART-GT code, but got no response right now. He must be too busy. Will you help and sent (sic) it to me?"

NASCART-GT, short for Numerical Aerodynamics Simulation via CARTesian Grid Techniques, is a computational fluid dynamics (CFD) solver developed at Georgia Tech. It simulates complex aerodynamics, including supersonic and hypersonic flows, for various aerospace applications.

Apparently, the strategy worked, as at least some people ended up giving Wu what he needed. The DoJ does not say what was stolen:

"In some instances, the targeted victim, believing that defendant SONG … was a colleague, associate, or friend requesting the source code or software electronically transmitted the requested source code or software to defendant Song."

Wu, 39, is now facing 14 counts of wire fraud, and 14 counts of aggravated identity theft. He remains at large, and if arrested, could face up to 20 years in prison for each count of wire fraud, and two years for each count of aggravated identity theft, The Register reports.

Via The Register

More from TechRadar Pro

Chinese companies are being targeted in phishing attacks by malicious SquidLoader
Here's a list of the best firewall software around today
These are the best endpoint security tools right now

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.