Google attackers posed as 'friends'

Friday 29 January 2010 | By Heidi Scott, Gosh! Media Copywriter

Tags: Google, IE, Microsoft, Privacy, Security

According to a report published earlier this week, the perpetrators of the recent cyber attacks that emanated from China had sent messages to key staff at Google, Adobe and other US firms on social networks, pretending to be friends. This was a highly organised attempt to get the employees to click on links to malware that exploited a hole in Internet Explorer, which Microsoft finally patched last week.

"The most significant discovery is that the attackers had selected employees at the companies with access to proprietary data, then learnt who their friends were," the Financial Times reported on Monday. "The hackers compromised the social network accounts of those friends, hoping to enhance the probability that their final targets would click on the links they sent."

George Kurtz, Chief Technology Officer at security firm McAfee, told the newspaper, "We're seeing a lot more up-front reconnaissance, understanding who the players are at the company and how to reach them."

Another part of the attack code used a formula only published on Chinese language websites, according to Joe Stewart, a researcher for the security firm SecureWorks. Stewart also found that some of the code had been written as far back as 2006.

Google, which has stopped censoring its results in China and is threatening to pull out of the country entirely, is still investigating whether insiders in its China office played a part in the attacks, which took place in mid-December but which the search giant did not reveal until a fortnight ago.

Security experts believe that the evidence points to a government-sponsored attack that only large intelligence agencies or highly advanced corporations could have withstood. However, on Monday Beijing described accusations that it was behind the cyber attacks as "groundless".

Pressed for a comment, a Google spokesperson would only say: "We are not going to comment on the specifics of the attack in more detail than we have already done because our investigation is ongoing. We also can't comment on what McAfee may have observed from other affected companies."

Back to industry news

What are news feeds?

Read also

Jail for US Facebook blackmailer

Thursday 04 March 2010

Cyber stalker finally jailed

Thursday 04 March 2010

Microsoft takes down the Waledac botnet

Friday 26 February 2010

News Archive

• 2010

  • March (2)
  • February (9)
  • January (7)

• 2009

  • December (5)
  • November (6)
  • October (8)
  • September (5)
  • August (1)
  • July (9)
  • June (3)
  • May (1)
  • April (11)
  • March (9)

Subscribe to News

• Subscribe with Bloglines
• Add to Feedzilla
• Add to Google
• Add to Netvibes
• Subscribe in NewsGator
• Add to Windows Live
• Subscribe to RSS Feed
• Add to My Yahoo