Chinese hackers stole $1 million from a Chinese venture capital firm through an email compromise scheme with its origin in Hong Kong, according to a report by security firm Check Point.
The funding, intended for an Israeli start-up, was never received, Check Point says, while declining to name the companies.
The hacker created two lookalike domains after seeing the email thread announcing the funding round. The lookalikes differed only slightly from the real domains: the hacker added an "s" to each of the domain names.
The bad actor then sent two emails, using the headline in the original thread. One that went to the Chinese VC spoofed the email address of the Israeli start-up’s CEO, Check Point states.
The other spoofed the account of the person handling the investment for the Chinese company.
In addition, the hacker was able to receive every email sent by each side, then forwarded it, editing the content as needed. The hacker sent 18 emails to the Chinese side, and 14 to the Israeli side.
The attacker is still at large with the $1 million, Check Point continues.
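
A defender-side check for the lookalike domains described above, as an added example that is not part of the Check Point report: it flags any sender domain that is within one character edit of a known correspondent's domain, which covers the added "s". The domain names and sample headers are constructed placeholders, since the report does not name the companies.

```python
from email.utils import parseaddr

# Domains of known correspondents (constructed placeholders, not from the report).
KNOWN_DOMAINS = {"startup-example.com", "vc-example.cn"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def sender_domain(from_header: str) -> str:
    """Extract the lower-cased domain from a From header value."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower().rstrip(".")


def classify(from_header: str, known=KNOWN_DOMAINS, max_dist: int = 1):
    """Return (verdict, matched known domain or None)."""
    dom = sender_domain(from_header)
    if dom in known:
        return "known", dom
    for k in sorted(known):
        if 0 < edit_distance(dom, k) <= max_dist:
            return "lookalike", k   # near miss of a trusted domain
    return "unrelated", None


# Constructed sample headers for illustration.
SAMPLES = [
    "CEO <ceo@startup-example.com>",
    "CEO <ceo@startup-examples.com>",        # one added "s"
    "Account Manager <am@vc-examples.cn>",   # one added "s"
    "Newsletter <news@other.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", classify(header))
```

The same comparison applies to the Reply-To header, and a "lookalike" verdict on a thread that involves payment details is a reason to confirm the instructions over a separate channel.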