Skip to main content

China blamed for Gmail attack, top US officials targeted

google-china-logo-gmailGoogle said on Wednesday that hackers believed to be based in Shandong province in China have attempted to trick hundreds of Gmail users into giving away their passwords, including those belonging to US government officials, Chinese political activists, officials in several Asian countries, military personnel and journalists.

In a post on the company’s blog, Eric Grosse, a member of the Google security team, said that the passwords had been obtained “likely through phishing,” with the probable aim being to monitor e-mail content. Forwarding and delegation settings would likely have been changed too, he said.

The company pointed out that it had “detected and disrupted” the security breach and contacted victims, securing their accounts in the process. The relevant government authorities have also been informed, Grosse said. A Reuters report quoted White House spokesman Tommy Vietor saying that he had no evidence suggesting that any government email accounts had been accessed. The report also stated that the FBI were currently reviewing the matter.

Google was keen point out that its internal systems had not been affected by the attack. “These account hijackings were not the result of a security problem with Gmail itself,” Grosse said. “But we believe that being open about these security issues helps users better protect their information online.”

The blog post suggests some ways users of Google’s products can improve their security, including 2-step verification, which uses a phone and second password on sign-in. This method, said the company, protected some users from this latest attack.

It’s not the first time Google believes it has been targeted by hackers based in China. In March, the company claimed that the Chinese government had hacked its Gmail service in an attempt to quell social unrest in the country, and in December last year cables released by Wikileaks appeared to show that another attack on Google had been approved by senior Chinese officials.

Editors' Recommendations

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
North Korean hackers are targeting crypto workers
A hand on a laptop in a dark surrounding.

Hackers believed to be associated with the North Korean-based cybercriminal group Lazarus have attempted yet another digital heist by targeting cryptocurrency firm deBridge Finance.

As reported by Bleeping Computer, deBridge operates as a “liquidity transfer protocol that allows decentralized transfer of data and assets” between multiple blockchain platforms.

Read more
North Korean hackers target huge crypto exchange — are user funds safe?
A depiction of a hacker breaking into a system via the use of code.

North Korean hackers are attempting to lure in cryptocurrency experts via bogus job offers for crypto exchange platform Coinbase.

As reported by Bleeping Computer, a campaign orchestrated by the well known North Korean Lazarus hacking group has been uncovered, and its target is those involved in the increasingly popular fintech (financial technology) industry.

Read more
Europe just suffered its worst DDoS attack ever, but we don’t know why
A depiction of a hacker breaking into a system via the use of code.

A record-breaking distributed denial-of-service (DDoS) attack situated within Europe was attempted during July, a new report has confirmed, but the lack of details on the target leaves the motive undetermined.

The largest DDoS attack ever detected in European-based regions was revealed by cybersecurity and cloud service firm Akamai, who said the target was one of its own customers.

Read more