Gmail account hacks blamed on ChinaBy Johan Keyter 2 June 2011 | Categories: news
Google announced yesterday that a number of its Gmail email accounts had been hacked into, and that hackers originating from China is expected to be behind the attack.
The latest in a long line of cyber attacks launched from China, the hack has been seen as especially suspicious as it targeted the personal Gmail accounts of users including senior U.S. Government officials, Chinese political activists, officials from other Asian countries (especially South Korea), military personnel and also journalists.
According to a Google blog post, the hack appears to have originated from Jinan, China, a large city which also happens to be home of a People's Liberation Army technical reconnaissance bureau.
Google has stated that the hack didn't take place due to any security failings on their side, but was rather due to accounts being hijacked by, “using malware and phishing scams that trick users into sharing their passwords.”
While no party has claimed responsibility for the attack, its goal seems to have been to monitor certain email accounts (using stolen passwords), while tampering with forwarding and delegation settings.
Independent researcher Mila Parkour wrote in a February public blog post about these kinds of attacks, which Google said it used to uncover the phishing campaign this time around. According to Parkour, the methods used by these hackers are usually unsophisticated “spear phishing” attacks which try to catch victims off guard with a fake email message, usually appearing to stem from someone they know.
Once attackers gain a user's login credentials they can establish rules to forward all their mail to another account, can read all their mail, and can use this information to make future phishing scams seem more plausible (for example, including references to family members, friends or knowledge of recent meetings).
Google said that it had quickly detected and disrupted this latest campaign, with victims being notified and having their accounts secured. The company also, “notified relevant government authorities.”
While the perpetrators are still unknown, the types of targeted accounts does raise eyebrows. The Chinese government meanwhile has denied any involvement in the case.
Most Read Articles
Have Your Say
What new tech or developments are you most anticipating this year?