A spy tool tied to the Chinese government was discovered on the National Foreign Trade Council’s website, according to a cybersecurity firm.
The trade group includes members from prominent companies including Wal-Mart, Johnson & Johnson, Amazon and Ford.
Fidelis Cybersecurity said an NFTC registration page included a malicious link that would launch Scanbox, a tool that logs what kind of software is being used by the computers exposed to it, Reuters reported. The tool has only been linked to groups associated with the Chinese government, the researchers said.
Fidelis researchers said the attack, which NFTC detected five weeks ago, was likely the kind of traditional espionage that happens before large international summits—in this case, President Donald Trump’s April meeting with Chinese President Xi Jinping. The firm also said the link has been removed and there is no evidence NTFC members were affected.