"There's a problem here, and it's not just because everyone suddenly decided to become a drooling moron on the internet here."
- Google user Freyar on the Gmail support forums
Another day of people complaining of hacked Gmail accounts and still no official word as to the cause. Although PCWorld does say that Google is now investigating the uptick in account hijackings, they're quick to note that the good folks at Mountain View are not acknowledging any bugs or security flaws on their end at this time.
In keeping abreast of this issue as it's been developing I've seen a lot of blaming the victims going on, both in the Google forums and elsewhere. While it's true that many online accounts are compromised by means of phishing or via insecure desktop computers, when this many otherwise tech-savvy users are suddenly complaining about a new issue all at once you might want to consider being just a little less condescending (and you might want to change your own passwords as well while you're at it, no matter how "strong" you think they are).
It would also be nice to get more of an official acknowledgement from Google that something is amiss. I've been a Gmail enthusiast since 2004 and while I understand that hacking is something that can happen even to the best of systems it would be nice for Google to post something to its blog addressing the problem rather than having to get third-party confirmation that they're working on it via the press.
I've predicated my faith in using Gmail as my primary means of communication on two things: one, that the system is as secure as the alternative (if not more so); and two, that even if there were some kind of security breach Google would be right on top of it, both in terms of resolving the issue and communicating it with its users as transparently as they were able in as timely a manner as they could. The longer GOOG maintains its silence on the recent outbreak of hacked accounts, the less confidence I'm going to have in them in the future.
It's up to you, Mountain View.
Showing posts with label gmail. Show all posts
Showing posts with label gmail. Show all posts
Wednesday, April 21, 2010
Tuesday, April 20, 2010
Gmail Hijackings Continue
Yesterday I posted about two of my Gmail accounts being hacked. Since then I've been keeping an eye on both the Google forums and Twitter to see if other people have been similarly affected- still no official acknowledgement from the GOOG, although reports continue to stream in on the Gmail users forums, and every time my Tweetdeck refreshes I see several new people complaining that their accounts have been compromised.
The MSM has been slow to pick up on this story thus far, though word of the low-grade hacking epidemic is beginning to percolate through the Intarwebz: there's a mention of the Gmail spammings on Wonkette and a thread on 4chan as well (Protip: Whoever you are, Viagra spammers, hacking a channer's account was probably the dumbest thing you could do!).
In any event, if you haven't already changed your Google password now would be a good time to do so. Also be sure to change passwords to other web services if you were using the same login information as your Gmail account.
If you're still worried about getting hacked, you may also want to consider implementing an Early Warning System in your Gmail: in your Contacts, add the email address for your cell phone text number. Since numerical entries appear at the top of your Gmail Contacts list, if your account is compromised by a spammer you'll receive a spam TXT on your phone almost as soon as the hacking activity gets underway. This is how I discovered that my account was being hacked, and fortunately I was able to log out the spammer and change my password before he/she got through the A's in my Contact list.
Good luck to all, and I hope we get some official word soon from Google as to what's going on...
The MSM has been slow to pick up on this story thus far, though word of the low-grade hacking epidemic is beginning to percolate through the Intarwebz: there's a mention of the Gmail spammings on Wonkette and a thread on 4chan as well (Protip: Whoever you are, Viagra spammers, hacking a channer's account was probably the dumbest thing you could do!).
In any event, if you haven't already changed your Google password now would be a good time to do so. Also be sure to change passwords to other web services if you were using the same login information as your Gmail account.
If you're still worried about getting hacked, you may also want to consider implementing an Early Warning System in your Gmail: in your Contacts, add the email address for your cell phone text number. Since numerical entries appear at the top of your Gmail Contacts list, if your account is compromised by a spammer you'll receive a spam TXT on your phone almost as soon as the hacking activity gets underway. This is how I discovered that my account was being hacked, and fortunately I was able to log out the spammer and change my password before he/she got through the A's in my Contact list.
Good luck to all, and I hope we get some official word soon from Google as to what's going on...
Monday, April 19, 2010
Hacked?
So around 1:13am or so last night I get an incoming text on my phone. Which is unusual. I check to see who it could be and the message only seems to contain some kind of spam link. I'm about to get angry about random SMS marketing when I realize that the spam message originated from my own Gmail account.
Crap.
I log into my Gmail, and sure enough I see a boatload of returned mail messages for emails that I sure as heck didn't send, almost all of them to people in my Contacts whose name begin with A. The Sent Mail folder confirms that my account has been sending out email for several minutes now, and as I check at the bottom of my inbox I see that there is another user logged in to the Gmail account. This is not suspicious in and of itself, as I may be accessing my email from one of several computers in the house, but the IP address sure as heck isn't anything local.
Clicking for details, I see that a mobile user in Russia is accessing the account. I immediately log the spammer out, change my password, and wonder if our home computers have been hacked. Looking at the event logs in our firewall, I don't see the same IP address anywhere, however, so I start trolling Twitter and the Google forums to see if this is currently happening to anyone else.
As it turns out, I do in fact find a thread about my recent Gmail woes. Apparently something like this has been going on with Gmail accounts for a few weeks now, although the activity clearly seems to have spiked over the past 24 hours or so. The Gmail employees monitoring the forums are as helpful as they can be given the unknown nature of the threat, but it's clear from a cursory glance at the other users posting that these aren't your typical phishing victims.
A possible theory advanced in the thread was that another web service was hacked and that the passwords stolen from that database were used to try to access various users' Gmail accounts, based on the assumption that even otherwise prudent and tech-savvy users may be lazy enough to use the same password across several different accounts. I am one of those prudent yet lazy folk, so this seems entirely possible to me- a theory which only seems to be further confirmed when I realize that one of my throwaway Gmail accounts was also hacked. Since I never even log in to this second account, the only plausible connection between it and my main account is that I used the same password for both (though I've since changed them, as well as other account passwords, to their own unique strong passwords).
So what does Google have to say about this? Nothing yet, officially, although people are beginning to talk about it beyond the Google forums and Twitter. Even if you haven't seen any suspicious activity on your own Gmail account, now might be a very good time to change your password, as another working theory is that whoever is compromising these accounts is doing so in small batches so as to avoid detection.
Regardless of whether or not this may be the case, you definitely want to change your passwords if you are using the same password across several different web services. Google's servers may be as hard as Fort Knox to crack, but your account is only as safe as the weakest database out there in the aether that you've entrusted your password to. I feel stupid for being lazy now, but I'm glad that the person who did hijack my Gmail accounts wasn't able to do any lasting damage before I locked them down.
(The other thing you should definitely do RIGHT NOW is go to your Gmail settings and choose "Always use HTTPS" option under Browser Connections if you haven't already!)
In the meantime, sorry if I winged you with an ad for viagra. If I'm going to pimp anything to my Contacts, it's going to be for my novel Confessions of Gourmand- the Kindle edition is only $0.99 on Amazon.com!
UPDATE: Another piece of the puzzle? The New York Times reports today that when Google was attacked back in January, presumably by Chinese hackers, the target of the intrusion attempt was Gaia, its password system for Gmail and other Google account services. Although Google claims that no passwords had been stolen at that time, it's getting harder and harder to believe the recent account hijackings being reported over the past 24 hours are just a coincidence.
Crap.
I log into my Gmail, and sure enough I see a boatload of returned mail messages for emails that I sure as heck didn't send, almost all of them to people in my Contacts whose name begin with A. The Sent Mail folder confirms that my account has been sending out email for several minutes now, and as I check at the bottom of my inbox I see that there is another user logged in to the Gmail account. This is not suspicious in and of itself, as I may be accessing my email from one of several computers in the house, but the IP address sure as heck isn't anything local.
Clicking for details, I see that a mobile user in Russia is accessing the account. I immediately log the spammer out, change my password, and wonder if our home computers have been hacked. Looking at the event logs in our firewall, I don't see the same IP address anywhere, however, so I start trolling Twitter and the Google forums to see if this is currently happening to anyone else.
As it turns out, I do in fact find a thread about my recent Gmail woes. Apparently something like this has been going on with Gmail accounts for a few weeks now, although the activity clearly seems to have spiked over the past 24 hours or so. The Gmail employees monitoring the forums are as helpful as they can be given the unknown nature of the threat, but it's clear from a cursory glance at the other users posting that these aren't your typical phishing victims.
A possible theory advanced in the thread was that another web service was hacked and that the passwords stolen from that database were used to try to access various users' Gmail accounts, based on the assumption that even otherwise prudent and tech-savvy users may be lazy enough to use the same password across several different accounts. I am one of those prudent yet lazy folk, so this seems entirely possible to me- a theory which only seems to be further confirmed when I realize that one of my throwaway Gmail accounts was also hacked. Since I never even log in to this second account, the only plausible connection between it and my main account is that I used the same password for both (though I've since changed them, as well as other account passwords, to their own unique strong passwords).
So what does Google have to say about this? Nothing yet, officially, although people are beginning to talk about it beyond the Google forums and Twitter. Even if you haven't seen any suspicious activity on your own Gmail account, now might be a very good time to change your password, as another working theory is that whoever is compromising these accounts is doing so in small batches so as to avoid detection.
Regardless of whether or not this may be the case, you definitely want to change your passwords if you are using the same password across several different web services. Google's servers may be as hard as Fort Knox to crack, but your account is only as safe as the weakest database out there in the aether that you've entrusted your password to. I feel stupid for being lazy now, but I'm glad that the person who did hijack my Gmail accounts wasn't able to do any lasting damage before I locked them down.
(The other thing you should definitely do RIGHT NOW is go to your Gmail settings and choose "Always use HTTPS" option under Browser Connections if you haven't already!)
In the meantime, sorry if I winged you with an ad for viagra. If I'm going to pimp anything to my Contacts, it's going to be for my novel Confessions of Gourmand- the Kindle edition is only $0.99 on Amazon.com!
UPDATE: Another piece of the puzzle? The New York Times reports today that when Google was attacked back in January, presumably by Chinese hackers, the target of the intrusion attempt was Gaia, its password system for Gmail and other Google account services. Although Google claims that no passwords had been stolen at that time, it's getting harder and harder to believe the recent account hijackings being reported over the past 24 hours are just a coincidence.
Subscribe to:
Posts (Atom)