US probes malware email targeting trade talks with China, WSJ reports

ReutersSep 8, 2025 3:14 AM

Malware reportedly traced to APT41, linked to Chinese intelligence
WSJ says email targeted US trade groups, law firms, government agencies
Chinese embassy says it is not familiar with reported attack, opposes cyber crime

WASHINGTON, Sept 7 (Reuters) - U.S. authorities are investigating a bogus email purportedly from a Republican lawmaker that contained malware apparently aimed at giving China insights into the Trump administration's trade talks with Beijing, the Wall Street Journal reported on Sunday.

The malware in the email that appeared to be sent by Representative John Moolenaar in July to U.S. trade groups, law firms and government agencies was traced by cyber analysts to a hacker group - APT41 - believed to be working for Chinese intelligence, the newspaper said.

Moolenaar, a harsh critic of Beijing, is the chairman of a congressional committee focused on strategic competition between China and the United States, including threats to U.S. national security.

The email was the latest alleged Beijing-linked hacking operation aimed at giving China insight into recommendations to the White House for contentious trade talks with China, said the Journal, quoting people familiar with the matter.

The Chinese embassy in Washington said it was not familiar with the details of the reported attack and that all countries face cyberattacks that are difficult to trace.

"China firmly opposes and combats all forms of cyber attacks and cyber crime," it said in an emailed statement. "We also firmly oppose smearing others without solid evidence."

The Journal said the first malware email was sent just before U.S.-China trade talks in Sweden that led to an extension of a truce on tariffs until early November, when U.S. President Donald Trump and Chinese leader Xi Jinping could meet at an Asian economic summit.

"Your insights are essential," said the email that asked recipients to review proposed legislation attached to it.

Opening the draft legislation would have allowed the malware to give the hackers extensive access to the targeted groups, the newspaper said, adding that it could not be determined if the attacks had succeeded.

The newspaper said the U.S. Capitol Police were investigating the emails. The Capitol Police declined to comment to the Journal.

"While we are not commenting on any specific information, the FBI is aware of the situation, and we are working with our partners to identify and pursue those responsible," the FBI told Reuters.

In a statement to the Journal, Moolenaar called the attack another example of Chinese cyber operations aimed at stealing U.S. strategy. "We will not be intimidated," he said.

The fake email came to light when staffers of Moolenaar's committee started receiving puzzling inquiries about it, said the Journal, quoting people familiar with the matter.

Disclaimer: The information provided on this website is for educational and informational purposes only and should not be considered financial or investment advice.