defenselead.com
Open in
urlscan Pro
162.214.80.21
Public Scan
URL:
https://defenselead.com/google-alerts-14000-gmail-users-attacked-by-russian-hackers/
Submission: On October 11 via api from GB — Scanned from DE
Submission: On October 11 via api from GB — Scanned from DE
Form analysis 4 forms found in the DOM
GET https://defenselead.com/
<form role="search" method="get" id="searchform" action="https://defenselead.com/">
<div class="input-group"> <input type="search" class="form-control" placeholder="Search" value="" name="s"> <span class="input-group-btn btn-default"> <button type="submit" class="btn"> <i class="fa fa-search"></i> </button> </span></div>
</form><form id="commentform" class="comment-form"> <iframe title="Comment Form"
src="https://jetpack.wordpress.com/jetpack-comment/?blogid=178024582&postid=1290&comment_registration=0&require_name_email=1&stc_enabled=1&stb_enabled=1&show_avatars=1&avatar_default=wp_user_avatar&greeting=Leave+a+Reply&greeting_reply=Leave+a+Reply+to+%25s&color_scheme=dark&lang=en_US&jetpack_version=10.2&show_cookie_consent=10&has_cookie_consent=0&token_key=%3Bnormal%3B&sig=0d9acaf103bc25d4d4ef15272ed964bbf1275aab#parent=https%3A%2F%2Fdefenselead.com%2Fgoogle-alerts-14000-gmail-users-attacked-by-russian-hackers%2F"
name="jetpack_remote_comment" style="width:100%; height: 430px; border:0;" class="jetpack_remote_comment" id="jetpack_remote_comment" sandbox="allow-same-origin allow-top-navigation allow-scripts allow-forms allow-popups" scrolling="no">
</iframe> <!--[if !IE]><!-->
<script>
document.addEventListener('DOMContentLoaded', function() {
var commentForms = document.getElementsByClassName('jetpack_remote_comment');
for (var i = 0; i < commentForms.length; i++) {
commentForms[i].allowTransparency = false;
commentForms[i].scrolling = 'no';
}
});
</script> <!--<![endif]--><input type="hidden" name="js-spam-prevention" value="4b72c4acd2e818f4b843fb9a36e90395">
</form>POST #
<form action="#" method="post" accept-charset="utf-8" id="subscribe-blog-blog_subscription-5">
<div id="subscribe-text">
<p>Enter your email address to subscribe to this Newsletter and receive notifications of new posts by email.</p>
</div>
<p id="subscribe-email"> <label id="jetpack-subscribe-label" class="screen-reader-text" for="subscribe-field-blog_subscription-5"> Email Address </label> <input type="email" name="email" required="required" value=""
id="subscribe-field-blog_subscription-5" placeholder="Email Address"></p>
<p id="subscribe-submit"> <input type="hidden" name="action" value="subscribe"> <input type="hidden" name="source" value="https://defenselead.com/google-alerts-14000-gmail-users-attacked-by-russian-hackers/"> <input type="hidden" name="sub-type"
value="widget"> <input type="hidden" name="redirect_fragment" value="blog_subscription-5"> <button type="submit" class="wp-block-button__link" name="jetpack_subscriptions_widget"> Subscribe </button></p>
</form>POST /google-alerts-14000-gmail-users-attacked-by-russian-hackers/
<form id="wpforms-form-734" class="wpforms-validate wpforms-form wpforms-ajax-form" data-formid="734" method="post" enctype="multipart/form-data" action="/google-alerts-14000-gmail-users-attacked-by-russian-hackers/"
data-token="7e300dfcdb413d863b120e7da32b6258" novalidate="novalidate"><noscript class="wpforms-error-noscript">Please enable JavaScript in your browser to complete this form.</noscript>
<div class="wpforms-field-container">
<div id="wpforms-734-field_1-container" class="wpforms-field wpforms-field-name" data-field-id="1"><label class="wpforms-field-label" for="wpforms-734-field_1">Name <span class="wpforms-required-label">*</span></label>
<div class="wpforms-field-row wpforms-field-medium">
<div class="wpforms-field-row-block wpforms-first wpforms-one-half"><input type="text" id="wpforms-734-field_1" class="wpforms-field-name-first wpforms-field-required" name="wpforms[fields][1][first]" required=""><label
for="wpforms-734-field_1" class="wpforms-field-sublabel after ">First</label></div>
<div class="wpforms-field-row-block wpforms-one-half"><input type="text" id="wpforms-734-field_1-last" class="wpforms-field-name-last wpforms-field-required" name="wpforms[fields][1][last]" required=""><label for="wpforms-734-field_1-last"
class="wpforms-field-sublabel after ">Last</label></div>
</div>
</div>
<div id="wpforms-734-field_2-container" class="wpforms-field wpforms-field-email" data-field-id="2"><label class="wpforms-field-label" for="wpforms-734-field_2">Email <span class="wpforms-required-label">*</span></label><input type="email"
id="wpforms-734-field_2" class="wpforms-field-medium wpforms-field-required" name="wpforms[fields][2]" required=""></div>
</div>
<div class="wpforms-submit-container"><input type="hidden" name="wpforms[id]" value="734"><input type="hidden" name="wpforms[author]" value="0"><input type="hidden" name="wpforms[post_id]" value="1290"><button type="submit" name="wpforms[submit]"
class="wpforms-submit " id="wpforms-submit-734" value="wpforms-submit" aria-live="assertive" data-alt-text="Sending..." data-submit-text="Submit">Submit</button><noscript><img
src="https://defenselead.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg" class="wpforms-submit-spinner" style="display: none;" width="26" height="26" alt=""></noscript><img
src="data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%2026%2026%22%3E%3C/svg%3E" data-src="https://defenselead.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg"
class="lazyload wpforms-submit-spinner" style="display: none;" width="26" height="26" alt=""></div><input type="hidden" name="pum_form_popup_id" value="746">
</form>Text Content
Skip to content * October 11, 2021 5:19 pm DEFENSE LEAD Leader in Cyber Security * * Information Security * Application Security * VAPT * Information Security * Security Awareness * Cyber News * White Papers * About Us Application Security Cyber News GOOGLE ALERTS 14,000 GMAIL USERS ATTACKED BY RUSSIAN HACKERS BYDEFENSE LEAD Oct 10, 2021 Page Visited: 213 Read Time:3 Minute, 47 Second Google has warned approx. 14,000 Gmail users about being attacked by government-backed phishing campaign conduct by Fancy Bear, or APT28, a Russian government cyber espionage group. Google communicated to Gmail users by sending email notifications and recommended to enroll in Advanced Protection Program (APP) for personal and work email. OFFICIAL STATEMENT OF GOOGLE ON FANCY BEAR PHISHING ATTACK ON GMAIL USERS: Google’s Threat Analysis Group (TAG) Director Shane Huntley, wrote on Twitter that their team has sent “above average batch” of warnings about the government phishing attempts. They also stated they are able to block phishing emails sent by APT28 and they will be classified as spam and don’t come in the inbox folder. Below is the notification snapshot sent by Google to Gmail users. TAG team also informed that they already delivered warnings to 86% of Gmail accounts this month who are under the radar of Fancy Bear’s phishing campaign and these alert notifications indicate targeting of the recipient, not a compromise of their Gmail account. They also advised increasing their Gmail protection by using multi-factor authentication, or using security keys instead of SMS, or enroll in the Google Advanced Protection Program (APP). > In late September, we detected an APT28 phishing campaign targeting a large > volume of Gmail users (approx 14,000) across a wide variety of industries. > This particular campaign comprised 86% of the batch of warnings we sent for > this month. Firstly these warnings indicate targeting NOT compromise. If we > are warning you there’s a very high chance we blocked. If you are an > activist/journalist/government official or work in NatSec, this warning > honestly shouldn’t be a surprise. At some point, some government-backed entity > probably will try to send you something,” he added while urging users to > review account security settings. > > Shane Huntley, Director, Google Threat Analysis Group (TAG) Shane Huntley also posted a reminder about government-backed phishing from Google’s security blog which states that- > We intentionally send these notices in batches to all users who may be at > risk, rather than at the moment we detect the threat itself, so that attackers > cannot track some of our defense strategies. We have an expert team in our > Threat Analysis Group, and we use a variety of technologies to detect these > attempts. We also notify law enforcement about what we’re seeing; they have > additional tools to investigate these attacks. > > Google Security Blog Here is the official statement from Google – Google Online Security Blog: A reminder about government-backed phishing FANCY BEAR (OR) APT28 – ONE OF THE WORLD’S MOST DANGEROUS NATION HACKER GROUP: Fancy Bear (or) APT28 is one of the most threatening hacking groups responsible for some of the high-profile attacks in recent years. It has been operating since 2004 and is linked to the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS), military unit 26165. Generally, Fancy Bear group attacked the victim by spear-phishing emails and their goal is to get unauthorized access to inboxes and steal sensitive information and documents, then exploit to other individuals or internal networks. APT 28 gained huge popularity when they are involved in the Great DNC Hack of 2016, 2017 French Presidential election and more recently they target members of the Bundestag, the German Federal Parliament, and the Norwegian Parliament. The group’s immense attacks against the individuals in the political and defense sectors clearly pictured the planned interests of the Russian government. According to Microsoft’s second Annual Digitial Defence Report, there is a spike increase in Russian government-backed hacking group attacks from 21% to 32% compared to last year. GOOGLE SENDING SECURITY KEYS TO 10000 GMAIL USERS: The Goggle company also announced they are sending security keys to 10,000 Gmail users as part of enrolling in their Advanced Protection Program (APP). This was informed in their security blog few days after the attack. Advanced Protection Program (APP) is Google’s strongest security system for those users who are at higher risk in such phishing attacks and are targeted to steal their sensitive information or documents such as elected officials, political campaigns, human rights activists and journalists. In the same security blog, they also stated that to enhance security for most at-risk users, they are partnering with International Foundation for Electoral Systems (IFES), UN Women, and Defending Digital Campaigns (a non-profit). Here is the official report – Delivering 10,000 security keys to high-risk users Found this article interesting? Follow DefenseLead on Twitter, Facebook and LinkedIn to read more exclusive content. * * * * * POST NAVIGATION Mobile Application Security Testing – Methodology and Approach BY DEFENSE LEAD RELATED POST Application Security VAPT MOBILE APPLICATION SECURITY TESTING – METHODOLOGY AND APPROACH Oct 8, 2021 Defense Lead Application Security Information Security Security Awareness CYBER SECURITY REQUIREMENTS FOR APPLICATION DEVELOPMENT PROJECTS Oct 6, 2021 Defense Lead Cyber News Exploitation GOOGLE PATCHES TWO MORE ZERO-DAY VULNERABILITIES IN CHROME Oct 3, 2021 Haroon T LEAVE A REPLY CANCEL REPLY Video Player https://defenselead.com/wp-content/uploads/2021/08/DefenseLead_Featured_Video.mp4 00:00 00:00 01:19 Use Up/Down Arrow keys to increase or decrease volume. POST YOUR ARTICLES! Readers, want your ideas, articles, Whitepapers and Research papers published on our DefenseLead website? We are inviting you to post your whitepapers, research, case studies, or any wide range of topics and articles related to cyber security on DefenseLead website with your name credited. Make sure that your write-ups should be up to date, high quality, unique content relevant to cyber security with no plagiarism. For the submissions, please contact us on our email address –defenselead.official@gmail.com Or else you can message us on DefenseLead Twitter, Facebook and Linkedin profiles. CYBER NEWS * Application Security Cyber News GOOGLE ALERTS 14,000 GMAIL USERS ATTACKED BY RUSSIAN HACKERS * Cyber News Exploitation GOOGLE PATCHES TWO MORE ZERO-DAY VULNERABILITIES IN CHROME * Cyber News Exploitation URGENT PATCH FOR ACTIVE ZERO-DAY VULNERABILITY IN GOOGLE CHROME * Cyber News Exploitation MICROSOFT FIXED ZERO-DAY VULNERABILITY OF MS OFFICE 365 & MSHTML * Cyber News Exploitation APPLE RELEASED SECURITY FIX FOR PEGASUS ZERO-CLICK VULNERABILITY * Application Security Cyber News Owasp top 10 OWASP TOP 10-2021 DRAFT RELEASED FOR PEER REVIEW * Cyber News Exploitation THOUSANDS OF FORTINET VPN CREDENTIALS LEAKED BY HACKERS * Cyber News Exploitation ACTIVE ZERO DAY ATTACK ON MICROSOFT INTERNET EXPLORER WITH OFFICE 365 * Cyber News Exploitation NETGEAR-CRITICAL AUTHENTICATION BYPASS VULNERABILITY IN THEIR SMART SWITCHES * Cyber News Information Security WIPRO LAUNCHES @NOW STUDIO, A CYBER SECURITY CENTER IN TEXAS FOLLOW US ON TWITTER FOLLOW US ON FACEBOOK DefenseLead is a dedicated platform for articles, information, white papers and news about Cyber Security from around the world. Contact us at defenselead.official@gmail.com and follow us on Twitter, Facebook and LinkedIn to read more exclusive contents. SUBSCRIBE TO NEWSLETTER Enter your email address to subscribe to this Newsletter and receive notifications of new posts by email. Email Address Subscribe YOU MISSED Application Security Cyber News GOOGLE ALERTS 14,000 GMAIL USERS ATTACKED BY RUSSIAN HACKERS Oct 10, 2021 Defense Lead Application Security VAPT MOBILE APPLICATION SECURITY TESTING – METHODOLOGY AND APPROACH Oct 8, 2021 Defense Lead Application Security Information Security Security Awareness CYBER SECURITY REQUIREMENTS FOR APPLICATION DEVELOPMENT PROJECTS Oct 6, 2021 Defense Lead Cyber News Exploitation GOOGLE PATCHES TWO MORE ZERO-DAY VULNERABILITIES IN CHROME Oct 3, 2021 Haroon T DEFENSE LEAD Leader in Cyber Security Copyright © 2021 DefenseLead. All Rights Reserved. * Home * About Us * Cyber News * Information Security * Pin Posts * White Papers Subscribe To Defense Lead NewsLetter! Please enable JavaScript in your browser to complete this form. Name * First Last Email * Submit ×