Chinese Spy Used Spear Phishing to Steal NASA Defense Software

A multi-year spear-phishing campaign impersonated U.S. researchers to steal restricted aerospace software from NASA and the military. Here's what went wrong.

A Four-Year Impersonation Campaign Hiding in Plain Sight Between 2017 and 2021, a Chinese national named Song Wu ran one of the most brazen spear-phishing operations ever documented against the United States government. An engineer at the Aviation Industry Corporation of China (AVIC) — one of the world's largest state-owned aerospace and defense conglomerates — Wu created fake email accounts impersonating real U.S.-based researchers and engineers, then used those accounts to systematically request restricted software from NASA employees, military personnel, and university researchers. The targets were not random. The software Wu sought was specialized for aerospace engineering and computational fluid dynamics — tools with direct applications in the development of advanced tactical missiles, weapons aerodynamics, and military aircraft design. This was not opportunistic cybercrime. It was a calculated, state-aligned intelligence operation conducted entirely through email. How the Spear-Phishing Campaign Worked Unlike mass phishing campaigns that blast thousands of generic emails, spear phishing is precise. Wu's operation demonstrated a level of patience and research that should conce

Article details

Category: Phishing & Social Engineering. Published on Apr 30, 2026.