12,000 Google Users Hit by State-Sponsored Hackers

Posted by & filed under Security Alerts.

As part of its active efforts to protect billions of online users, Google identified and warned over 12,000 of its users who were targeted by a government-backed hacking attempt in the third quarter of this year.

According to a report published by Google’s Threat Analysis Group (TAG), more than 90 percent of the targeted users were hit with “credential phishing emails” that tried to trick victims into handing over access to their Google account.

Google’s TAG tracks over 270 government-backed hacking groups from over 50 countries that are involved in intelligence collection, stealing intellectual property, destructive cyber attacks, targeting dissidents, journalists, and activists, or spreading coordinated disinformation.

The alerts were sent to targeted users between July and September 2019, which is consistent within a +/-10 percent range of the number of phishing email warnings sent in the same period of 2018 and 2017, the company said.

These warnings usually get sent to the potential targets, which generally are activists, journalists, policy-makers, and politicians. However, if you have received any such alert, do not freak out straight away — it doesn’t necessarily mean that your Google account has been compromised.

Instead, it means a state-sponsored hacker has tried to gain access to your Google account using phishing, malware, or another method, and you should take a few extra steps to secure your account.

“We encourage high-risk users—like journalists, human rights activists, and political campaigns—to enroll in our Advanced Protection Program (APP), which utilizes hardware security keys and provides the strongest protections available against phishing and account hijackings. APP is designed specifically for the highest-risk accounts,” Google said.

While the government-backed phishing attack warnings were sent to affected users in 149 countries, the United States, Pakistan, South Korea, and Vietnam being the most heavily targeted ones, according to the map shared by Google.

Google has been warning individual Google account users since 2012 if the company believes government-backed hackers are targeting their account via phishing, malware, or some other tactics.

Just last year, Google also started offering these email attack alerts to G Suite administrators so they can take action to protect their users and so their organization as well.

High-risk users can take some necessary security measures that will help prevent compromise of their accounts, including keeping their apps and software up-to-date and enabling 2-step verification (Google recommends its Authenticator app or a Security Key as the best methods than regular old text message).

 

The information contained in this website is for general information purposes only. The information is gathered from The Hacker News, while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.  Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.