Friday, September 24, 2010

Google Warning Gmail Users on China Spying Attempts

Via Threatpost.com -

Google is using automated warnings to alert users of its GMAIL messaging service about wide spread attempts to access personal mail accounts from Internet addresses in China. The warnings may indicate wholesale spying by the Chinese government a year after the Google Aurora attacks or simply random attacks. Victims include one leading privacy activist.

Warnings appeared when users logged onto Gmail, encountering a red banner reading "Your account was recently accessed from China," and providing a list of IP addresses used to access the account. Users were then encouraged to change their password immediately. Based on Twitter posts, there doesn't seem to be any pattern to the accounts that were accessed, though one target is a prominent privacy rights activist in the UK who has spoken out against the Chinese government's censorship of its citizens.

A Google spokesman declined to comment on the latest warnings specifically. The company has been issuing similar warnings since March when it introduced features to identify suspicious account activity.

[...]

Its not clear how the accounts were compromised. It is known that Google and its GMAIL messaging system, along with the networks of other high profile U.S. and European firms, were the targets of attackers believed to be affiliated with the Chinese Military. Those attacks, code named "Aurora" temporarily caused a rift in relations between the search giant and the Chinese government, with Google suspending all filtering of its search results in China. Recently, experts have warned that a new round of attacks similar to the original Aurora attacks had been detected, though its unclear if the e-mail hacking is related to that wave of activity.

Hanff, along with other users, said he appreciated the warning.

"For once google did something ethical. I was suprirsed to see that," he told Threatpost.com. However, Hanff said offering a feature to limit account access by IP address would do more to remove the threat of attacks such as the one his account suffered.

No comments:

Post a Comment