Chinese Hackers Impersonate U.S. Lawmaker in Targeted Cyber-Espionage Campaigns

The House Select Committee on China is warning of a new wave of highly targeted cyber-espionage attacks that investigators say are linked to the Chinese Communist Party (CCP). The operations, which have sought to infiltrate U.S. government agencies, law firms, think tanks, and business organizations, included attempts by hackers to impersonate Committee Chairman John Moolenaar.

According to the Committee, attackers recently sent fraudulent emails in Moolenaar’s name to trusted counterparts in Washington and abroad. The emails contained malicious files and links intended to compromise recipients’ systems and siphon sensitive information during ongoing high-level U.S.–China trade engagements.

Technical analysis conducted by the Committee concluded that the perpetrators exploited widely used software and cloud services to mask their activity, a tactic consistent with state-sponsored cyber tradecraft.

“This is another example of China’s offensive cyber operations designed to steal American strategy and leverage it against Congress, the Administration, and the American people,” Chairman Moolenaar said in a statement. “We will not be intimidated, and we will continue our work to keep America safe.”

The incidents come just months after a January 2025 spear-phishing campaign in which attackers, posing as representatives of ZPMC North America, targeted four Committee staffers. The hackers attempted to trick the staff into visiting a credential-harvesting website disguised as a file-sharing portal, aiming to steal Microsoft 365 login details without deploying malware.

Committee investigators say the timing, methods, and targets of the latest attacks suggest a coordinated CCP-backed campaign intended to influence U.S. trade and foreign policy deliberations. Their analysis indicates that hackers used developer tools to create covert digital pathways, enabling them to transfer stolen data to remote servers secretly.

The Committee has shared evidence with the FBI and U.S. Capitol Police and pledged continued cooperation with federal partners and affected organizations.