"With the strength of our security and cloud detection systems from abuse, we have recently discovered a campaign to collect user passwords, probably phishing," Google director of engineering Eric Grosse said the Blog of the company. "This campaign, which is apparently of Jinan, China, hit what appeared to be personal Gmail accounts to hundreds of users, including, among others, senior U.S. government officials, Chinese political activists, officials in several countries Asia (mainly South Korea), military personnel and journalists. "
Google said that the attack was focused on monitoring the content of e-mails targeted users by secretly transferring compromised accounts. The attack is reminiscent of the famous last year Google security flaw prompted by Chinese pirates.
"Google has detected and disrupted the campaign to take the passwords of users and control their e-mails," Grosse said. "We informed the victims and secure their accounts." The search giant is now encouraging users to activate a verification process in two steps to prevent unauthorized access from new computers.
That, at least the second attack targeting the Google Accounts by Chinese pirates. The first time it happened, Google has released close to China and caused a huge controversy by refusing to censor its search engine. This time Google has tried to bury the lede, and not turn this into another fiasco Google vs. China. Maybe it's the wisest move: after all, people are fooled by phishing scams at all times, even senior U.S. officials.
Post a Comment