How a Malicious Adobe Flash File Caused the China Gmail Hack [VIDEO]

Хятадын хакерууд энэ хэрэг явдлаас өмнө мөн Gmail-руу халдлага хийж нэлээд хэл ам дагуулаад амжсан билээ. Тэгвэл энэ удаад улс гүрнүүдийн харилцаанд ч өөрчлөлт орж магадгүй дүр төрхийг бий болгоод авлаа.

Өнгөрсөн 7 хоногт Хятадын хакерууд АНУ-ын өндөр албан тушаалтай хүмүүсийн хувийн gmail account-ыг цуглуулж улмаар мэдээллийг нь авах халдлага хийсэн байна.

Энэ халдлагыг АНУ-н тагнуулын албаныхан өндөр зэрэглэлтэйгээр хүлээн авч эргэн шалгахаар болоод байгаа юм. Google-ын талаас ч хятадын хакеруудтай эрчимтэй тэмцэхээ мөн мэдэгдлээ.

АНУ-н зүгээс Хятадын талд удаа дараа хийсэн иймэрхүү халдлагаа зогсоохыг шаардсан мэдэгдэл хийлээ. Үүнээс болж АНУ, Хятадын хамтын харилцаанд зөрчил үүсэх мадаглал бий болоод байгааг шинжээчид мэдээлээд байна.

1. Cyber intruders confound ‎ Worcester Telegram - Michael Riley - Greg Farrell - 3 hours ago The week before last it was Google, which revealed an attempted hack, originating in China, into the Gmail accounts of US government officials, ... Cyber threat: Sony Google and now Citibank hacked Osborne and Fox ...‎ - International Business Times MINITER: What if Weiner had actually been hacked?‎ - Colorado Springs Gazette Anonymity stymies hunt for Google, Sony hackers‎ - The Japan Times International Business Times AU - Daily Pioneer all 49 news articles » GOOG - EMC

   Solaria Sun

2. China Denies Gmail Hacking, Quelle Surprise ‎ International Business Times - Joe Romaine - 5 days ago China came out swinging against renewed allegations that it hacked Gmail accounts belonging to US companies, ... Google, China Spar over Gmail Hacking Accusations‎ - PCWorld China warns Google about Gmail hack accusations‎ - Inquirer Cyber Cops Stymied by Elusive Hackers‎ - Bloomberg CBS News - Washington Examiner (blog) all 596 news articles » GOOG - TYO:6758

   Telegraph.co.uk

3. Google alleges China Gmail hack ‎ ZDNet UK - Tom Espiner - 2 Jun 2011 Gmail accounts belonging to high-ranking US government officials have been targeted in malware and phishing attacks from China, Google has said. ... Video: Clinton: FBI to Probe China Email Hacking Charge The Associated Press China Gmail Hack: Google points figure at China; China denies.‎ - Slate Magazine How a Malicious Adobe Flash File Caused the China Gmail Hack [VIDEO]‎ - Penn Olson Wall Street Journal - The Guardian all 2758 news articles » GOOG

   The Hindu

4. White House: Government Email Not Compromised Via Gmail Hack ‎ PC Magazine - Chloe Albanesius - 3 Jun 2011 Also yesterday, the Chinese government denied being the source of a Gmail hack. Chinese Foreign Affairs Minister Hong Lei told reporters that "allegations ... Video: Google hackers invaded accounts months ago euronews Issa Gmail hack underscores WH email abuse‎ - Politico No U.S. Govt Email Accounts Hacked: White House‎ - International Business Times BBC News all 19 news articles »

In an alarming new angle on yesterday’s news of Gmail hacks that originated in China, here’s a video showing a different approach to invading a Gmail inbox: a malicious Flash file that exploits a vulnerability in Adobe Flash.
It shows that your Gmail is not just at risk from ‘phishing’ sites that try to trick you into revealing your Gmail password, but also from a specially-crafted Flash file that can inject a spying forwarding address into your Gmail account settings.
With this method, the snoop can read all your emails, conveniently forwarded to him/her (in this instance, in China), without your knowing. Indeed, this hack doesn’t even steal (or need) your password.

The Heist

So, how does it work? The screencast video, below, is narrated in Chinese, so here’s my rundown on how it works. It’s pretty simple. First, you get a dodgy email which encourages you to click a certain link. In this instance, it appears to be someone’s personal blog that’s hosted on Sina’s blog platform. Upon clicking it, the link actually heads to a dubious site which hosts just one Flash file. It says “loading…”, but nothing ever loads. (A cursory look in the ‘Properties’ reveals the Flash file’s name to be f.swf). Then, the video’s narrator heads back to his Gmail account settings – which was open in the same browser while he visited the malicious site – to reveal that a forwarding address has been added to his settings. Pretty scary.
It looks like another innocuous Gmail address – but that address is getting all your new mail delivered to it, allowing it unfettered snooping on your mail. Even if you were to change your email password, that forwarding address would still be in your account settings, receiving all your Gmail.

(here’s the direct YouTube link, in case the user suddenly disables embedding)
You might recall that Adobe was a serious ‘weak link’ in the initial Google hack controversy in January 2010 that prompted Google to shutter Google.cn and redirect all mainland China users to its Hong Kong-based search engine. Last time it was Reader; this time it’s Flash. We look forward to hearing from Adobe again, now it’s clear that it’s again culpable in these new attacks.