Google kills Gmail spy campaign

Powered by SC Magazine
 

China suspected of targeting Asian nations.

Google has identified and disrupted a campaign operating out of eastern China meant to hijack and monitor the Gmail accounts belonging to hundreds of users, the technology giant revealed Wednesday.

Victims included US and Asian government officials - mostly from South Korea, military members, journalists and Chinese political activists, said Eric Grosse, engineering director of the Google's security team, in a blog post.

The campaign appears to trace back to Jinan, China and involves the theft of user's Gmail passwords, likely through phishing, he said. Google was able to disrupt the campaign, secure the affected accounts and notify the targeted individuals.

"The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings," Grosse wrote. "Google enables you to forward your emails automatically, as well as grant others access to your account."

This wasn't an attack on Google's network, as was the case last year, but instances of individual users being targeted, he stressed.

Google offers various security capabilities on Gmail, including two-factor authentication and suspicious activity detection, that users should consider, Grosse said.

This article originally appeared at scmagazineus.com

Copyright © SC Magazine, US edition


Google kills Gmail spy campaign
 
 
 
Top Stories
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
Doubts cast on Queensland's ICT Dashboard
Opposition, former Govt CIO say it can't be trusted.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  29%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  23%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 830

Vote