advertisement
advertisement
  • 04.20.10

Chinese Attack on Google Aimed at Universal Password System

Some more information about the hack on Google’s servers a few months back has come to light, and it’s a little scary: The hackers were going after Google’s universal password system, Gaia.

 

advertisement
Google china

Gaia, recently renamed Single Sign-On, is the password system that allows one login and password to access all of Google’s services, including Gmail, Maps, Picasa, Search, and Reader. The New York Times has a source who says the hack targeted Gaia, and could have dangerous security ramifications in spite of Google‘s quick action to patch holes.

The theft began with an instant message sent to a Google employee in China
who was using Microsoft’s
Messenger program, according to the person with knowledge of the
internal inquiry, who spoke on the condition that he not be identified.

By clicking on a link and connecting to a “poisoned” Web site, the
employee inadvertently permitted the intruders to gain access to his (or
her) personal computer and then to the computers of a critical group of
software developers at Google’s headquarters in Mountain View, Calif.
Ultimately, the intruders were able to gain control of a software
repository used by the development team.

Google discovered the hack very early; within a few hours, the company had already instituted another layer of security upon login. The risk, though quite small, is that the hackers could have installed a Trojan horse virus in order to retain access to Gaia. They could then snoop around and, if they were particularly skilled, figure out an exploit Google’s engineers hadn’t yet discovered. It’s a small risk, though predictably, anti-virus companies like McAfee are playing up the danger. Google’s been extremely fast, thorough, and transparent in their reaction, and the likelihood that they missed some vital mistake is slim. Still, it’s enough to make you just a teensy bit scared of that universal login. Unless you own an Android phone, then it remains awesome.

About the author

Dan Nosowitz is a freelance writer and editor who has written for Popular Science, The Awl, Gizmodo, Fast Company, BuzzFeed, and elsewhere. He holds an undergraduate degree from McGill University and currently lives in Brooklyn, because he has a beard and glasses and that's the law.

More

Video