A cyber security professional named Brandon Dixon recently discovered an e-mail scam, apparently sent by the same group responsible for the "NetTraveler" attacks sourced to Chinese hackers, with an ingeniously newsy hook.
The e-mail, which Dixon posted in full, carries the subject line "CIA's prism Watchlist," a reference to the secret U.S. data-mining program code-named PRISM. It includes some half-sensical text, filled with references to the National Security Agency and, yes, even The Washington Post, followed by a 2.5-megabyte attachment, "Monitored List1.doc," which is actually a spying tool that lets the e-mail sender break into your computer.
The e-mail was sent to an India-based Tibetan activist group called the Regional Tibet Youth Congress, precisely the sort of target often singled out by Chinese hackers. Its "sender" is listed as Jill Kelley, the Tampa socialite who found herself in the middle of the scandal that brought down General David Petraeus. These sorts of e-mails, a common tool of hackers, are known as "phishing scams."
There's a wonderful irony to Chinese hackers name-checking PRISM in their attacks. Chinese state media have condemned the U.S. cyber spying programs, perhaps earnestly but also clearly in part to deflect long-standing U.S. criticism of China's extensive cyber espionage, which has included infiltrating U.S. institutions and stealing military and technological secrets. China's implicit defense seems to be that the United States is little better and so has no grounds to criticize.
In other words: Chinese hackers now appear to be using a U.S. spying program, which is also the basis of China's defense against U.S. criticism of their hacking, in order to do more hacking. You have to wonder if the hackers appreciate the irony.