Supporters of GDP seen on a vehicle. Photo: Enric Catala Contreras/SOPA Images/LightRocket via Getty Images

Researchers at FireEye found evidence that a Chinese hacker group known as TEMP.Periscope spied on both sides of the Cambodian election, according to a new report.

What they're saying: Benjamin Read, FireEye senior manager for cyber espionage analysis said in a statement: "China is heavily surveilling all parts of the upcoming Cambodian elections. We have not seen any evidence of activity beyond intelligence collection, but Cambodia is a key ally, so any change in ruling party would be of interest to China."

The details: TEMP.Periscope was previously only known for espionage on maritime targets. The election targets show a new interest in geopolitics.

  • The attack leveraged Airbreak, Homefry, Murkytop, HTran, and Scanbox malware already attributed to the group, as well as two new families of malware: a backdoor FireEye dubbed Eviltech and a credential harvesting program it dubbed Dadbod.
  • Airbreak malware, which is used to install other malware programs, was affixed to lure documents related to Cambodian politics.

Targets of the attack include:

    • The National Election Commission, Ministry of the Interior, Ministry of Foreign Affairs and International Cooperation, Cambodian Senate, Ministry of Economics and Finance.
    • A Member of Parliament representing the ruling Cambodia National Rescue Party.
    • Multiple human rights advocates in opposition to the ruling party.
    • Two Cambodian diplomats serving overseas.
    • Multiple Cambodian media outlets.
    • Monovithya Kem, deputy director-general of public affairs of the Cambodia National Rescue Party.
    • The daughter of imprisoned Cambodian opposition party leader Kem Sokha.

The attack provided new evidence that TEMP.Periscope is a Chinese group from FireEye, which monitored a control server from the attack.

  • While the attackers usually used location-hiding anonymity measures, the one connection that didn't was located in Hainan, China.
  • Computers that connected to the server had Chinese language settings.

Go deeper

9 hours ago - Health

Fauci says if people won't wear masks, maybe it should be mandated

Anthony Fauci. Photo: Graeme Jennings- Pool/Getty Images

NIAID director Anthony Fauci told CNN on Friday evening that if "people are not wearing masks, then maybe we should be mandating it."

Why it matters: Fauci made the comments the same day the U.S. hit its highest daily COVID-19 case count since the pandemic began.

Harris to Black voters: Casting a ballot is about honoring your ancestors

Democratic vice presidential nominee Kamala Harris speaks at a "Get Out The Vote" rally at Morehouse College. Photo: Elijah Nouvelage/AFP via Getty Images

Sen. Kamala Harris appealed to Black voters in Georgia on Friday, urging them to "honor the ancestors" by casting ballots, and again calling President Trump a "racist."

Why it matters: The U.S. saw a significant decline in African-American voter turnout between 2012 and 2016, reaching its lowest point since 2000. Higher turnout among Black Americans this year could tip the balance in favor of Democrats in key battleground states, including Georgia.

Updated 9 hours ago - Politics & Policy

Coronavirus dashboard

Illustration: Aïda Amer/Axios

  1. Politics: Fauci: Trump hasn't been to a COVID task force meeting in months.
  2. Sports: The youth sports exodus continues — Big Ten football is back.
  3. Health: U.S. hits highest daily COVID-19 case count since pandemic began —AstraZeneca to resume vaccine trial in U.S.How to help save 130,000 lives.
  4. Retail: Santa won't greet kids at Macy's this year.
  5. World: Spain and France exceed 1 million cases.