Gmail Phishing Attack: China Cries Slander

The Chinese government claims Google is using an attempted targeted Gmail phishing scam as a “political tool for slandering other countries,” according to a scathing front-page editorial in the People’s Daily today, the official newspaper of the Communist Party of China.

Meanwhile, House Oversight Committee Chairman Darrell Issa (R-Calif.) wrote to Google CEO Larry Page yesterday, requesting the names of all federal employees that were targeted and all communications related to Google’s response by June 17:

“This event is of particular concern to the committee not only because of our interest in the broader issue of cybersecurity and its national-security implications, but also because news accounts of this cyberattack have implicated the possible involvement of hackers from within the People’s Republic of China and senior U.S. government officials’ personal Google email (Gmail) accounts.”

Google, What Do You Want?

“Many international bystanders believe that Google’s charge is thickly tainted with political colours and one can’t dismiss the fact that Google is taking advantage and provoking new Sino-American internet security disputes with sinister intentions. What was once a model of leading internet innovation has now become a political tool for slandering other countries…” according to the editorial (appearing under the headline “Google, What Do You Want?”), which appeared in Monday’s international editions of the People’s Daily. “Once the international winds change, Google might become a political sacrifice and might be discarded by the market.”

In response, Google told the Sydney Morning Herald that what Google wants is to “protect its users and help them stay safe online, which is why it went public with the hacking allegations.”

China Goes Spear Phishing

Image via contagio of a Feb. 2011 Gmail phishing scam

A technique known as spear phishing was used to trick recipients into revealing their email passwords. Google said the attacks originated in Jinan, China.

China last week called the allegations unfounded and that Google had “ulterior motives” in revealing the attacks, which targeted hundreds of users, including “senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists” via a blog post. 

Google said the goal of the scammers was to “monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings. (Gmail enables you to forward your emails automatically, as well as grant others access to your account.)”

U.S. officials say no confidential information was obtained. The FBI is investigating.

Earlier this year, Google also accused China of blocking access to Gmail users, who reported being unable to send email or access their address books. China called the accusation “unacceptable” at the time.

This follows last year’s highly sophisticated Aurora attack, which we covered in “Google’s New Approach to China: A Closer Look at the Attack Heard ‘Round the Web.”