Google recently announced it uncovered a hijacking scam based out of China.
The company's engineer director for its security team, Eric Grosse, said because of its cloud-based security system, it uncovered a phishing attack originating from Jinan, China. The company said bad actors used malware and phishing scams to trick hundreds of users including senior U.S. government officials, Chinese political activists, officials in several Asian countries into collecting their passwords.
Account hijackings are typically used to steal financial data or simply send spam. Usually they are not targeted at individuals and just done en masse, however this one may have been more targeted Google says.
The goal of this effort seems to have been to monitor the contents of these users' emails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings, Grosse said in a blog post.
Google said it detected and disrupted this campaign. Grosse said they have notified victims and secured their accounts as well as government authorities. He also said the problem as not an internal one with Google's security.
It's important to stress that our internal systems have not been affected-these account hijackings were not the result of a security problem with Gmail itself. But we believe that being open about these security issues helps users better protect their information online, Grosse said.
Grosse said 2-step verification, stronger passwords, only singing in into proper signup prompts and checking emails for suspicious forwarding addresses are ways this can be avoided.
In the past, the relationship between Google and China has been shaky at best. In 2010, all searching via Google including mobile was banned in mainland China. The ban was eventually lifted, but in the past the certain search terms have been banned in the country.
The company has also gotten several cyber attacks from China in the past, one which was described as a highly sophisticated and targeted attack. The attack actually led Google to no longer letting China ban certain search terms, which led to the one day ban of all Google terms. The matter was eventually resolved with certain search terms not allowed.