China denies role in attack on Google’s Gmail
San Francisco: Google said that a cyber spying campaign originating in China had targeted Gmail accounts of senior US officials, military personnel, journalists and Chinese political activists.
"We recently uncovered a campaign to collect user passwords, likely through phishing," Google security team engineering director Eric Grosse said in a blog post.
"The goal of this effort seems to have been to monitor the contents of these users' e-mails, with the perpetrators apparently using stolen passwords to change peoples' forwarding and delegation settings," he said.
The campaign appeared to originate in Jinan, China, Grosse said, and targeted the personal Gmail accounts of hundreds of users of Google's free Web-based e-mail service.
In response, China said on Thursday it was "unacceptable" for Google to accuse it of having played a role in the campaign.
"To put all of the blame on China is unacceptable," Foreign Ministry spokesman Hong Lei told reporters.
"The so-called statement that the Chinese government supports hacking attacks is a total fabrication... It has ulterior motives."
Those affected included senior US government officials, Chinese political activists, military personnel, journalists and officials in several Asian countries, predominately South Korea, he said.
"Google detected and has disrupted this campaign to take users' passwords and monitor their e-mails," Grosse said.
"We have notified victims and secured their accounts," he continued. "In addition, we have notified relevant government authorities."
The White House was investigating the situation but had no reason to believe that Gmail accounts of senior government officials were hacked, an official said.
"We're looking into these reports and are seeking to gather the facts," the official said on condition of anonymity.
"We have no reason to believe that any official US government email accounts were accessed," the official said, referring other queries to the Federal Bureau of Investigation.
Google noted in its warning that personal Gmail accounts were targeted.
Personal e-mail accounts usually lack protections against "spoofing and malware" used in business e-mail systems, according to a Contagio security advisory that accompanied Grosse's blog post.
"In addition, it is often being checked at home in a relaxed atmosphere, which helps to catch the victim off guard, especially if it appears to arrive from a frequent contact," Contagio said of personal e-mail accounts.
"Some people have a habit of forwarding messages from enterprise accounts to their personal mail for saving or easy reading."
The "phishing" ruse used to trick Gmail users into revealing account names and passwords reportedly involved sending booby-trapped messages that appeared to come from legitimate associates, friends or organisations.
Links to supposedly view or download email attachments led people to fake Gmail login pages where entered information was harvested and then used to secretly get into accounts, the Contagio advisory indicated.
Google said the California-based firm's systems and servers were not attacked.
There was no indication whether the Gmail spying campaign was related to a China-based cyberattack on Google that prompted the company early last year to stop bowing to Internet censors in that nation.
Google essentially handicapped itself in the booming China market by shifting mainland Chinese users of its Chinese-language search engine Google.cn to an uncensored site in former British colony Hong Kong.
Google's decision came after the company, whose motto is "Don't Be Evil”, threatened to close its Chinese operations because of censorship and cyberattacks it said originated from China.
China reacted quickly to Google's move saying it was "totally wrong" to stop censorship and to blame Beijing for the cyberattacks that Google said targeted email accounts of Chinese human rights activists.
Beijing tightly controls online content in a vast system dubbed the "Great Firewall of China”, removing information it deems harmful such as pornography and violent content, but also politically sensitive material.