


Perceptive Security
SOC/SIEM Consultancy

NASA Employees Duped in Chinese Phishing Scheme Targeting U.S. Defense Software
Published:
24 April 2026 at 14:13:00
Alert date:
24 April 2026 at 16:01:50
Source:
thehackernews.com
Data Breach & Exfiltration, Email & Messaging, Critical Infrastructure
NASA's Office of Inspector General revealed a sophisticated spear-phishing campaign in which a Chinese national impersonated a U.S. researcher to target NASA employees and obtain sensitive information. The campaign also targeted government entities, universities, and private companies, focusing on U.S. defense software in violation of export control laws. The multi-year operation demonstrates advanced social engineering techniques and represents a significant national security concern given NASA's critical infrastructure role.
Technical details:
The multi-year spear-phishing campaign ran from January 2017 to December 2021. Chinese national Song Wu posed as a U.S. researcher and impersonated colleagues to obtain sensitive aerospace modeling software and source code used for weapons development and aerodynamic design. The attackers conducted extensive research on targets and used imposter accounts to masquerade as friends and colleagues, gaining victims' trust and access to proprietary software.
Mitigation steps:
Be aware of common phishing indicators including multiple requests for the same software without justification, unusual payment methods, abrupt changes in payment terms, and unconventional transfer methods. Verify the identity of colleagues requesting sensitive software or information, especially when dealing with export-controlled technology.
Affected products:
Aerospace modeling software
Defense technology software
Proprietary software and source code for weapons development
Related links:
https://oig.nasa.gov/news/nasa-investigators-expose-a-chinese-national-phishing-for-defense-software/
https://thehackernews.com/2024/09/chinese-engineer-charged-in-us-for.html
https://www.fbi.gov/wanted/cyber/song-wu
Related CVEs:
Related threat actors:
IOCs:
Multiple requests for the same software without justification
Unusual payment methods such as suspicious wire transfers
Abrupt changes in terms or source of payment
Unconventional transfer methods to mask identity and evade shipping restrictions
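The mitigation steps and indicators above can be turned into a simple review check over software-request records. The following is an added example, not code from NASA OIG, The Hacker News or Perceptive; the contact directory, request log, product names, indicator labels and the threshold of two unjustified requests are all constructed assumptions.

```python
from collections import defaultdict
from email.utils import parseaddr

# Constructed directory of known colleagues: display name -> verified address.
KNOWN_CONTACTS = {
    "alice rivera": "alice.rivera@university.example",
    "ben cho": "ben.cho@agency.example",
}

# Constructed request log: (From header, software, justification, payment method).
REQUESTS = [
    ("Alice Rivera <alice.rivera@university.example>", "AeroModel", "Wind-tunnel study", "purchase order"),
    ("Alice Rivera <a.rivera.research@freemail.example>", "AeroModel", "", "purchase order"),
    ("Alice Rivera <a.rivera.research@freemail.example>", "AeroModel", "", "wire transfer"),
    ("Ben Cho <ben.cho@agency.example>", "FlowSolver", "Contract renewal", "purchase order"),
]

def review_requests(requests, known_contacts, repeat_threshold=2):
    """Return {sender address: sorted indicator names} for senders needing verification."""
    flags = defaultdict(set)
    unjustified = defaultdict(int)  # (address, software) -> requests lacking justification
    payments = defaultdict(set)     # address -> payment methods seen so far
    for from_header, software, justification, payment in requests:
        name, addr = parseaddr(from_header)
        name, addr = name.strip().lower(), addr.lower()
        # Imposter account: a known colleague's name on an address that is not theirs.
        if name in known_contacts and known_contacts[name] != addr:
            flags[addr].add("display-name-mismatch")
        # Multiple requests for the same software without justification.
        if not justification.strip():
            unjustified[(addr, software)] += 1
            if unjustified[(addr, software)] >= repeat_threshold:
                flags[addr].add("repeat-request-no-justification")
        # Abrupt change in payment method from the same sender.
        payments[addr].add(payment.lower())
        if len(payments[addr]) > 1:
            flags[addr].add("payment-method-changed")
    return {addr: sorted(found) for addr, found in flags.items()}

if __name__ == "__main__":
    for addr, found in review_requests(REQUESTS, KNOWN_CONTACTS).items():
        print(addr, "->", ", ".join(found))
```

A flagged sender is a prompt to verify identity through a separately known channel before releasing export-controlled software, not proof of fraud.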
This article was created with the assistance of AI technology by Perceptive.
