Congressman John Moolenaar Chairman of the Select Committee on the CCP | Official U.S. House headshot
Congressman John Moolenaar Chairman of the Select Committee on the CCP | Official U.S. House headshot
The House Select Committee on China has reported ongoing cyber-espionage campaigns that it attributes to the Chinese Communist Party. According to the Committee, these efforts are targeting organizations and individuals involved in U.S.–China trade policy and diplomacy. The targets include U.S. government agencies, business organizations, law firms, think tanks, and at least one foreign government.
In recent weeks, suspected Chinese cyber-attackers have impersonated Chairman John Moolenaar in emails sent to trusted counterparts. These messages aimed to deceive recipients into opening files or links that would allow attackers access to their systems during ongoing high-level U.S.–China trade discussions. The Committee’s technical analysis found that the perpetrators used software and cloud services to conceal their activity as they attempted to steal sensitive data.
"This is another example of China’s offensive cyber operations designed to steal American strategy and leverage it against Congress, the Administration, and the American people," said Chairman Moolenaar. "We will not be intimidated, and we will continue our work to keep America safe.”
The Committee noted that these incidents follow a January 2025 spear-phishing campaign targeting four staff members working on a confidential investigation into ZPMC, a major Chinese state-owned enterprise. Attackers posed as a ZPMC North America representative using file-sharing deception in an attempt to acquire Microsoft 365 credentials from staff without deploying malware.
Based on patterns observed—including timing and methods—the Committee believes this activity is part of state-backed espionage by the CCP intended to influence U.S. policy deliberations and negotiation strategies for advantage in trade and foreign policy. Their analysis indicated that attackers exploited developer tools to create hidden channels for secretly transferring data.
Information about these incidents has been shared with the FBI and U.S. Capitol Police. The Committee stated it will continue sharing relevant indicators with federal partners and affected organizations while supporting defensive or investigative actions as needed.
Alerts Sign-up