Gmail attack shows growing cybercrime sophistication

Triple Helix · Jun 2, 2011

Gmail attack shows growing cybercrime sophistication!

(CNN) -- In the cyber war being fought across international boundaries, the recent Gmail hack of top U.S. and South Korean officials makes one thing clear, analysts say: the bad guys are winning.

"The short answer is our side is losing," says Thomas Parenty, a computer security specialist and former employee at the U.S. National Security Agency. "Defense is much more difficult than offense (against cyber attack); to defend against attack, you need to block all ways in; in offense, you only need one way in."
Click to expand...

http://edition.cnn.com/2011/BUSINESS/06/02/google.gmail.phishing/index.html

TH

ronjor · Jun 2, 2011

Spotting Web-Based Email Attacks

Google warned on Wednesday that hackers were launching targeted phishing attacks against hundreds of Gmail account users, including senior U.S. government officials, Chinese political activists, military personnel and journalists. That story, as related in a post on the Official Google Blog, was retold in hundreds of media outlets today as the latest example of Chinese cyber espionage: The lead story in the print edition of The Wall Street Journal today was, “Google: China Hacked Email.”

The fact that hackers are launching extremely sophisticated email attacks that appear to trace back to China makes for great headlines, but it isn’t exactly news. I’m surprised by how few media outlets took the time to explain the mechanics behind these targeted attacks, because they offer valuable insight into why people who really ought to know better keep falling for them. A more complete accounting of the attacks may give regular Internet users a better sense of the caliber of scams that are likely to target them somewhere down the road.
Click to expand...

http://krebsonsecurity.com/2011/06/spotting-web-based-email-attacks

J_L · Jun 2, 2011

I thought Gmail itself was attacked, not just consumers. The latter I can prevent, but the former I can't do anything.

JRViejo · Jun 3, 2011

Google recently revealed details surrounding a successful phishing campaign that targeted the Gmail accounts of government officials and of political activists. While there has been significant media coverage of the incident, there has been a variety of recent attacks on popular Webmail platforms. In addition to Gmail, Hotmail and Yahoo! Mail have also been targeted. While the attacks appear to have been separately conducted, these have some significant similarities.
Click to expand...

Targeted Attacks on Popular Webmail Services Signal Future Attacks by Nart Villeneuve.

bonedriven · Jun 5, 2011

Here's a demo of the phishing attack, in Chinese though.

Rmus · Jun 5, 2011

Targeted attacks have been around for at least five years, just as sophisticated, IMO.

Targeted attack: experience from the trenches
Published: 2006-05-21,
http://isc.sans.edu/diary.html?storyid=1345

The group originating these attacks does so in a very targeted fashion. The document is crafted to target a specific organization, containing specific elements that deal with just that one organization.

We have traced nearly this attack to the far east; specifically, China and Taiwan. IP's seen are registered there, domains seen are registered there, and the emails received originated from a server in that region.
Click to expand...

And, more recently:

Targeted e-mail attacks asking to verify wire transfer details
Published: 2009-06-04
http://isc.sans.org/diary.html?storyid=6511

The mail asks the victim to verify a wire transfer, being the malicious attachment the alleged wire statement.

In some of the cases, the victims are indeed financial personel within the target organization in charge of daily wire transfers. Time to spread an internal awareness campaign in your financial departments!
Click to expand...

Targeted attacks have increased, of course, and use different scenarios, but just because now it's Google/Gmail (and other web mails) seems to be a catalyst for widespread coverage!

In today's attacks where the victims willingly give out their passwords, the real (almost unsurmountable) problem in organizations is making people aware of the tricks, and informing them of the circumstances when they would be required to reveal their password.

From the article:

On Wednesday Google announced that hundreds of Gmail accounts were compromised in a "spear-phishing" assault -- targeted attacks that duped victims into revealing their Gmail passwords through e-mails that pose as people or companies known to end user.
Click to expand...

This type of targeting can happen in many scenarios, not just with webmail.

regards,

-rich

Log in or Sign up

Gmail attack shows growing cybercrime sophistication

Triple Helix Specialist

ronjor Global Moderator

J_L Registered Member

JRViejo Super Moderator

bonedriven Registered Member

Rmus Exploit Analyst

Log in or Sign up

Gmail attack shows growing cybercrime sophistication

Triple Helix Specialist

ronjor Global Moderator

J_L Registered Member

JRViejo Super Moderator

bonedriven Registered Member

Rmus Exploit Analyst

Useful Searches