The National Foreign Trade Council (NFTC), a nonprofit American trade association, was hacked by a Chinese group on Thursday.
The hackers, in pursuit of interests for the Chinese government, infiltrated NFTC web pages. The culprits embedded virus-laden links into a page designed for members to register for upcoming meetings.
The malware was discovered to have unleashed a spying tool called Scanbox. Fidelis cybersecurity researcher John Bambenek told Reuters that a Scanbox can record the type of software running on computers.
Bambenek also says the Scanbox prototype is typically associated with groups linked to the Chinese government.
The hacking comes at a sensitive time since a Thursday summit between U.S. President Donald Trump and Chinese President Xi Jinping is expected to occur. It’s the first meeting between Xi and Trump.
“I think it’s traditional espionage that happens ahead of any summit,” said Bambenek. “They would like to know what we, the Americans, really care about, and use that for leverage.”
NFTC’s corporate members include Wal-Mart, Johnson & Johnson, Amazon.com, Ford Motor Co., and Microsoft.