Ethical Hacking News
Chinese intelligence operatives are targeting fired US government employees through fake consulting companies, raising concerns about sensitive information leaks and national security threats.
Five Chinese-owned companies have been found to be recruiting thousands of fired US government employees through fake consulting firms. The scheme, dubbed "Operation Smiao," uses LinkedIn and other job boards to target former government employees with attractive salaries and opportunities. Investigation reveals that the companies' website domains are hosted in China and contain developer comments with simplified Chinese characters, suggesting a possible connection to Chinese intelligence operatives. The report warns that former federal employees may be deceived into thinking they are working on a legitimate consulting gig when, in reality, they are engaging with hostile foreign actors. Experts recommend looking out for red flags such as Chinese domain extensions, simplified Chinese characters, lack of transparency, and suspicious email addresses to spot fake companies.
In a shocking revelation, cyber and information warfare experts at the Foundation for Defense of Democracies (FDD) have uncovered a sinister plot by Chinese intelligence operatives to recruit thousands of fired US government employees through fake consulting companies. The scheme, which has been dubbed "Operation Smiao," has left many in the US government community on high alert, wondering how their sensitive information might be compromised.
At the center of this web of deception are five companies – Smiao Intelligence, Dustrategy, RiverMerge Strategies, Tsubasa Insight, and Wavemax Innov – which have been posting job ads on LinkedIn, Craigslist, and other smaller job boards, targeting former government employees. The companies, which claim to be either internet services firms or consulting outfits, promise attractive salaries and opportunities for retired US workers to contribute their expertise to dynamic organizations.
However, FDD's investigation has revealed that these companies are not what they seem. Upon closer examination, the website domains of all five companies were found to be hosted on a server in China, indicating a possible connection to Chinese intelligence operatives. Furthermore, analysis of the source code for Dustrategy.com and Tsubasa Insight.com revealed developer comments with simplified Chinese characters, suggesting that these firms may be fronts for Chinese spy agencies.
The report notes that "one or more individuals associated with Smiao created the other four companies in the network, which are not authentic businesses." This suggests a level of organization and coordination among Chinese intelligence operatives to target US government employees through fake consulting companies. The fact that all five companies use the same email service provider, chengmail.com, which is rarely used by firms claiming to operate outside of China, further fuels suspicions.
The FDD report warns that former federal employees may be deceived into thinking they are working on a legitimate consulting gig when, in reality, they are engaging with hostile foreign actors. This raises concerns about the potential for sensitive information to be leaked or compromised, posing a significant threat to US national security.
To spot a fake, experts recommend looking out for red flags such as:
* A website with a Chinese domain extension
* Simplified Chinese characters in the source code
* A lack of transparency about the company's origins or purpose
* Unusual or suspicious email addresses
The FDD report emphasizes that the mass layoffs since February have increased the risk that former federal employees could leak sensitive information, intentionally or not. Therefore, it is crucial for these workers to be vigilant and cautious when responding to job ads from unknown companies.
In conclusion, Operation Smiao highlights the dangers of Chinese intelligence operatives using fake consulting companies to recruit US government employees. The FDD report serves as a warning to those affected, urging them to exercise extreme caution and report any suspicious activity to the authorities.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Sinister-Web-of-Deception-Uncovering-Chinas-Fake-Consulting-Scam-Targeting-Fired-US-Government-Employees-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/05/16/attn_fired_us_govt_workers/
https://www.msn.com/en-us/money/other/fired-us-govt-workers-uncle-xi-wants-you-to-apply-for-this-fake-consulting-gig/ar-AA1EW2YC
https://www.theregister.com/2025/05/16/attn_fired_us_govt_workers/
Published: Fri May 16 18:52:01 2025 by llama3.2 3B Q4_K_M
