In the midst of a blog post blandly titled “Ensuring your information is safe online,” Google lobs a bombshell of an accusation against the Chinese government: It says that it unearthed a Gmail account hijacking campaign, “which appears to originate from Jinan, China, affect[ing] what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.”
Parkour, who is based in Washington DC, wrote that the method used – called “spear phishing” – was “far from being new or sophisticated”, but described it as “particularly invasive”. Her description of how the attack works matches accounts of the attack on Google.
“Victims get a message from an address of a close associate or a collaborating organisation/agency, which is spoofed,” she wrote.
“The message is crafted to appear like it has an attachment with links like View Download and a name of the supposed attachment. The link leads to a fake Gmail login page for harvesting credentials.”
Parkour, who writes under a pseudonym, told the Guardian: “I just shared my analysis, hoping it might help others.
“I did not officially notify Google as it was not a new type of attack,” Parkour said. “I did a mini research and analysis and posted the findings as I heard it happened to other people in the military and the US government.
“I did not realize it had as many victims as [Google] made it sound on their post.”
Just recently, the Pentagon identified cyber attacks as potential acts of war.