Google Reveals Attack On Gmail

  /     /     /  
Publicated : 22/11/2024   Category : security


Google Reveals Attack On Gmail


Hundreds of personal accounts, including those of senior U.S. government officials, are affected



Google this week revealed a phishing attack that targets users of its Gmail accounts, including well-known government officials.
Through the strength of our cloud-based security and abuse detection systems, we recently uncovered a campaign to collect user passwords, likely through phishing, Google said in a
blog
.
This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries ]predominantly South Korea], military personnel, and journalists.
The goal of this effort seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings, the blog states.
Google said it has disrupted the phishing campaign, notified the victims, and secured their accounts. The search engine giant said it has notified government authorities.
It’s important to stress that our internal systems have not been affected -- these account hijackings were not the result of a security problem with Gmail itself, Google states.
Many security vendors and experts offered their perspectives on the Gmail attack.
This Google attack is another example that supports the premise that if your organization has any electronically stored information that could be of value to someone or some other organization, then you should assume that an attempt to access it will be made though some type of cyber attack or social engineering attempt, said Mike Paquette, chief strategy officer at Top Layer Security.
Phishing attacks are requiring less user intervention, Paquette said. In fact, today, many of these attacks are no longer directly asking users to provide sensitive information, but instead rely on tempting the user to click on a hyperlink, launching their Web browser to a malicious website that will remotely exploit their computer, depositing malware that will simply steal the sensitive information and exfiltrate it.
Have a comment on this story? Please click Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Researchers create BlackForest to gather, link threat data. ◂
Discovered: 23/12/2024
Category: security

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Google Reveals Attack On Gmail