State Department


Gmail Hackers Phished Victims for Months

ED: Gmail Hackers Conned Victims for MonthsDEK: An independent security researcher says that victims of the account takeovers were repeatedly phished over almost a year by attackers believed to be located in China. An independent security researcher who was among the first to investigate a large scale phishing attack aimed at U.S. government and military personnel says that attackers controlled victim accounts for months and repeatedly phished victims during that time. Mila Parkour, a Washington D.C. based independent says that victims of the account takeovers were repeatedly phished over almost a year by attackers believed to be located in China. Victims of the attack included government and military personnel in the U.S. and Asian nations, as well as human rights activists and journalists in China and elsewhere, Google said on Wednesday. According to Parkour, the group or individuals responsible for the attack controlled those accounts for more than a year and repeatedly targeted both the legitimate account owner and his or her associates during that time. The attackers used spoofed e-mail addresses and information harvested from the victims’ accounts to engage in “mini conversations” with their victims, Parkour said. “They used personal knowledge for some phishes…they were very persistent and invasive,” she said. Among other things, the attackers continued to try to harvest online credentials from victims – user names and passwords – using the same technique they used, successfully, to gain access to- and control over the users gmail account. “They would send a new message with the same type (of) password harvesting technique. Sometimes even the same message sometimes (a) new (message),” said Parkour, who described herself as a IT administrator who researches malicious programs as a hobby. Google said in a blog post on Wednesday that it had disrupted the campaign, which it traced to  Jinan, China. The campaign affected hundreds of Gmail users, using malware and phishing attacks to harvest user login credentials. The campaign appears to have been designed to monitor the content of users’ email correspondence.An independent security researcher who was among the first to investigate a large scale phishing attack aimed at U.S. government and military personnel says that attackers controlled victim accounts for months and repeatedly phished victims during that time.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.