Google has identified a new campaign, probably originating in China, to monitor the Gmail accounts of US and Asian officials, Chinese acivitists, military users and journalists.
According to Eric Grosse, engineering director of the Google security team, the campaign seeks to collect user passwords, likly through phishing.
“This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior US government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists,” he writes on the official Google blog.
“The goal of this effort seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings. (Gmail enables you to forward your emails automatically, as well as grant others access to your account).
“Google detected and has disrupted this campaign to take users’ passwords and monitor their emails. We have notified victims and secured their accounts. In addition, we have notified relevant government authorities.”
Grosse stresses that Google’s internal systems have not been affected. “These account hijackings were not the result of a security problem with Gmail itself. But we believe that being open about these security issues helps users better protect their information online,” he says.