
Bitdefender Blog

Possible Aftermath of the recent Gmail accounts hacking incident

by Catalin Cosoi, on 02 June 2011

More corporate data leaks could follow the Gmail incident. Employees whose email accounts have been compromised should change their passwords and use a security solution for their personal computers.

Corporate data hacks and cyber-warfare are two of the most important concerns for today’s high-profile cyber-criminal. Operation Aurora, the Stuxnet incident, the massive RSA compromise and the Epsilon breach are some of the most notorious examples of this kind, but they are accompanied by smaller, stealthier breaches made possible by misconfiguration, human error or social engineering.

According to the Google report issued today, a group of unidentified Chinese hackers phished several e-mail credentials belonging to US government representatives, Chinese political activists, military personnel, journalists and other Asian officials. Today’s security incident is the second of this kind carried out against the US-based company in less than 18 months.

Just as in the previous attack against the Gmail service, we can assume that cyber-criminals went after sensitive documents the users might have inadvertently forwarded from their business inboxes.

These cyber-crooks may have monitored their victims for a while, a task that has been made dramatically easier by the impact of social networking: you only need to have the victims’ email address to find out about their personal history, hobbies, habits, family life and aspects of their work. These details are the greatest assets in carrying out a spear phishing attack. In addition, the stolen credentials could give cybercriminals access to other accounts where the victims may have reused their passwords.

Worst case scenario? Once all this data is secured, besides monitoring the email accounts’ activity, an attacker can further trick the victims into additional e-threat schemes. One of them could be getting the victims to download malicious mobile phone applications that report essential data about them, such as their GPS position. While Android has gained enormous popularity in China, Google has not opened a regional Android Market, which has only encouraged third parties to build their own markets, many of them swarming with such malicious applications (DroidDream or Geinimi).

One can safely assume that this Gmail incident is not a classic phishing attack motivated by easy money. Much more important intelligence is at stake, ranging from international affairs issues to military technology. The cost of the incident is yet to be determined; however, it is obviously a couple of thousand times higher than the cost of protection needed to prevent such an event.

The rule of thumb for this kind of incident: users should change the passwords to their Gmail accounts, check whether each message they send is set to be forwarded to another e-mail account, and avoid using the same password for several online accounts that they may have created.


Catalin Cosoi

Chief Security Researcher
