Google has sent a warning to Gmail users against the attack from the Russia-based cyber espionage group.
Technology giant Google has warned about 14,000 Gmail accounts of the attack by Russia-based cyberespionage group Fancy Bear (known as APT28). He told users that they may have been exposed to the danger that appears to be aimed at ‘phishing’. He stressed the risk that their passwords may have been stolen as well.
The phishing attack, which was detected in late September, fell within the scope of the ‘State-sponsored attack’ alerts that Google regularly sends out. In a statement made by a company official, it was underlined that this time there could be a greater danger than normal.
Attack aimed at hijacking Gmail accounts
The phishing attack by Fancy Bear targets business Gmail users. Shane Huntley, head of Google’s Threat Analysis Group, said in a statement on the subject, that the alerts they sent against the APT28 attack accounted for 86 percent of the total notifications sent this month. He also noted that state-sponsored cyberespionage groups often target activists, journalists and government officials.
A journalist shared a screenshot of the warning he received.
Huntley, who made statements on Twitter regarding the reasons for making the warnings, said:
Why are we making these government warnings? The alert informs people that they could be a potential target in the next attack. Therefore, now is the time to take security measures.
In the statement, it was stated that the e-mails Fancy Bear sent to users for attack purposes fell into the spam category and did not fall into the inbox. In addition, it was underlined that these are completely blocked by Gmail. Shane Huntley said, “As we explained earlier, we send alerts in batches, not as soon as we detect a threat. That way, the attackers don’t know our strategies,” he said.
Against such mass attacks, Google recommends Business and Personal Gmail users to sign up for the ‘Advanced Protection Program’. With this service, the company promises to protect users who are at risk of being hacked on the Internet.