Hackers Hijack Gmail in China [Updated]

 Here in the U.S., we've been complaining about Gmail for its new design (Why do we need a "Mail" button and "Inbox" button only an inch apart!?!). In China, they're complaining about Gmail too, but for a very different reason.

Over the past week, reports from Chinese Internet users indicate that when Gmail is accessed, users are auto-forwarded to a replica site at a different address (http://124.117.227.201/web/gmail/) where they're asked to enter or re-enter their account information. Based on the rough translations available, users connect to this non-Google owned site if they use Google's browser toolbar or simply enter the address "www.gmail.com." There, they'll face a classic phishing attack which has users giving away login usernames, passwords, and other personal information. China's Gmail has been hijacked.

According to one report, this ISP phishing may be an attempt to create a sense of insecurity around Gmail, intended to get Web users to stop trusting or using Google. So far however, it is unclear who orchestrated the attacks, other than that the server originated from Ürümqi in Northwest China.

In recent months, the Internet giant's relationship with China has been tense. After hackers breached Google headquarters in Beijing, the company announced it would no longer censor the country's searches and began forwarding users to Google Hong Kong, which mainland China quickly blocked.

And just this morning, in yet another example of increased tensions, two state-run companies announced plans to launch a search business to rival Google, one that is focused on mobile searches.

UPDATE: Sources close to the investigation tell Fast Company that the IP address hosting the fake Gmail URL has been linked to phishing pages for other well-known online services in the past, including Hotmail and Chinese search engine Baidu.

UPDATE 2: A Google spokesperson has shed some light on the report. "This phishing attempt is not unique to Gmail and should not be misconstrued," the rep says. "As always, users should be careful about where they share their personal information, and should avoid clicking through warnings about suspicious sites. We encourage Gmail users to visit https://mail.google.com directly."

Add New Comment

0 Comments