Google Says It Uncovered Attempt to Steal Users’ Gmail Account Passwords

Google Inc. (GOOG), owner of the world’s most popular search engine, said hackers tried to steal passwords from hundreds of Gmail users, targeting the accounts of government officials in the U.S. and Asia.

The campaign, which appears to have originated in Jinan, China, probably used a so-called phishing scam to collect passwords with the goal of monitoring e-mail content, Eric Grosse, engineering director on the Google Security Team, said in a blog post. The company said it detected and disrupted the campaign, secured users’ accounts and notified authorities.

“We believe that being open about these security issues helps users better protect their information online,” Grosse said on the blog.

The campaign against Gmail users comes amid growing concern about network security, prompted by recent cyber attacks against Sony Corp. and Lockheed Martin Corp. Google said last year it was the victim of attacks against its systems that originated in China and focused on human-rights activists’ accounts. Google said it was no longer willing to censor search results in China, and then started redirecting users there to its Hong Kong service.

“A lot of this goes on internationally,” said Christopher McNally, a fellow and political economist at the East-West Center in Honolulu. “In most situations, it’s certain rogue organizations or even individuals that are doing it for profit.”

Photographer: Nelson Ching/Bloomberg

A pedestrian walks past Google Inc.'s China headquarters in Beijing, China, on Tuesday, June 29, 2010.

Tricking Users

In the recent case, Google’s internal systems weren’t affected, and the attempts didn’t involve a security problem with Gmail, Grosse said.

Phishing scams typically involve tricking users into sharing passwords that can then be used to obtain information. While most of these kinds of attacks aren’t very targeted, these “hijackings” went after senior U.S. government officials, Chinese political activists, officials in several Asian countries, military personnel and journalists.

Users should protect themselves by adopting such safeguards as multistep verifications for their accounts, strong passwords and checking for suspicious forwarding addresses, Grosse said.

Google, based in Mountain View, California, rose 59 cents to $526.19 at 9:51 a.m. New York time on the Nasdaq Stock Market. The shares declined 12 percent this year before today.

In January 2010, Google said it was targeted by “highly sophisticated” attacks from inside China aimed at obtaining proprietary information, as well as personal data belonging to human-rights activists who use the Gmail service. In March this year, the U.S. company accused the Chinese government of blocking Gmail.

Google didn’t say who was responsible for the latest cyber attacks.

Blaming China for the hacking of Google’s customer accounts is “unacceptable,” Foreign Ministry spokesman Hong Lei said. The government “disapproves” of hacking activities, and punishes them, he said.

Any suggestions that the Chinese government is behind the hackings at Google are “a fabrication” and have “an ulterior motive,” Hong said.

To contact the reporters on this story: Douglas Macmillan in San Francisco at dmacmillan3@bloomberg.net; Brian Womack in San Francisco at bwomack1@bloomberg.net

To contact the editor responsible for this story: Tom Giles at tgiles5@bloomberg.net
