Chinese hackers are believed to be behind a recent attempt to spy on trade groups and other organizations ahead of US-China trade talks, the Wall Street Journal reported. 

The publication learned from documents and people familiar with the matter that US trade groups, law firms and government agencies received an email purporting to come from Rep. John Moolenaar, chairman of the House Committee on the Chinese Communist Party.

The messages, coming from a non-government email address, urged recipients to provide feedback on proposed sanctions against China, telling them that their “insights are essential”. 

The email contained an attachment that appeared to be a draft of the legislation. However, it turned out to be a piece of malware that has been linked to the threat group tracked as APT41, which has long been believed to be sponsored by the Chinese government, specifically the Ministry of State Security.

WSJ reported that Google’s Mandiant investigated the attack and found that the malware would enable the hackers to gain deep access into the targeted organizations. However, it’s unclear how many — if any — of the targets installed the spyware.

The emails were sent out in July, just days prior to a meeting between US and Chinese officials in Sweden. The goal of the malware attack was likely to spy on organizations providing input on the Trump administration’s trade negotiations.

China has — as always — denied the accusations, saying that such claims are intended to distract from the United States’ own aggressive actions.

This is not the only recent cyber incident involving impersonation of a top US official. In July, the State Department warned diplomats of attempts to impersonate Secretary of State Marco Rubio and possibly other officials using AI.