Secure Your Gmail Now As Google Warns Of Password Attacks
The Google Threat Intelligence Group has warned that UNC6293, a Russian state-sponsored hacking unit, is targeting Gmail users in a recent password-stealing threat campaign affecting users of the world's most popular email platform. This is just one of a string of attacks that stretch back over the years, but have now evolved to include sophisticated 2FA bypass threats, phishing attacks that appear to originate from Google itself, and highly believed hybrid attacks involving human hackers alongside AI-powered ones. Although Gmail is not the only email platform plagued by security threats, it's the large user base and the access to data that a Gmail account password provides that make it such an attractive target. Here's what you need to do to secure yours.
How To Secure Your Gmail Account Against Password Hackers
Gabby Roncone and Wesley Shields, from the Google Threat Intelligence Group, have published an in-depth report that confirmed one critical attack campaign, executed by Russian state-sponsored hackers who are part of the UNC6293 group, targeted Gmail users with lures designed to persuade them to create an application specific password to allow a third-party app access to their Gmail accounts. One such attack is described on LinkedIn by Kier Giles, a respected researcher of Russian power projections, who said, "Several of my email accounts have been targeted with a sophisticated account takeover that involved impersonating the U.S. State Department.'
In mitigation of the UNC6293 application specific password attacks, the Google Threat Intelligence Group said that users have complete control over their ASP's and a notification is sent as soon as one is created to the Gmail account involved and any devices signed in using it, 'to ensure the user intended to enable this form of authentication.' Of course, these attacks involve a lot of social engineering, so protections need to run further than this, which is why Google operates the Advanced Protection Program 'intended for individuals at high risk of targeted attacks and exposure to other serious threats.' Using the APP, prevents an account from creating an ASP at all.
More broadly, Gmail users are advised to take action to prevent Gmail hack attacks as follows:
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
TechCrunch
35 minutes ago
- TechCrunch
Google's data center energy use doubled in four years
No wonder Google is desperate for more power: the company's data centers more than doubled their electricity use in just four years. The eye-popping stat comes from Google's most recent sustainability report, which it released late last week. In 2024, Google data centers used 30.8 million megawatt-hours of electricity. That's up from 14.4 million megawatt-hours in 2020, the earliest year Google broke out data center consumption. Google has pledged to use only carbon-free sources of electricity to power its operations, a task made more challenging by its breakneck pace of data center growth. And the company's electricity woes are almost entirely a data center problem. In 2024, data centers accounted for 95.8% of the entire company's electron budget. Image Credits:Tim De Chant/TechCrunch The company's ratio of data-center-to-everything-else has been remarkably consistent over the last four years. Though 2020 is the earliest year Google has made data center electricity consumption figures available, it's possible to use that ratio to extrapolate back in time. Some quick math reveals that Google's data centers likely used just over 4 million megawatt-hours of electricity in 2014. That's growth of seven-fold in just a decade. The tech company has already picked most of the low-hanging fruit by improving the efficiency of its data centers. Those efforts have paid off, and the company is frequently lauded for being at the leading edge. But as the company's power usage effectiveness (PUE) has approached the theoretical ideal of 1.0, progress has slowed. Last year, Google's company-wide PUE dropped to 1.09, a 0.01 improvement over 2023 but only 0.02 better than a decade ago. It's clear that Google needs more electricity, and to keep to its carbon-free pledge, the company has been investing heavily in a range of energy sources, including geothermal, both flavors of nuclear power, and renewables. Techcrunch event Save $450 on your TechCrunch All Stage pass Build smarter. Scale faster. Connect deeper. Join visionaries from Precursor Ventures, NEA, Index Ventures, Underscore VC, and beyond for a day packed with strategies, workshops, and meaningful connections. Save $200+ on your TechCrunch All Stage pass Build smarter. Scale faster. Connect deeper. Join visionaries from Precursor Ventures, NEA, Index Ventures, Underscore VC, and beyond for a day packed with strategies, workshops, and meaningful connections. Boston, MA | REGISTER NOW Geothermal shows promise for data center operations. By tapping into the Earth's heat, enhanced geothermal power plants can consistently generate electricity regardless of the weather. And many startups, including Google-backed Fervo Energy, are making it possible to drill profitable wells in more places. On the nuclear fusion side, Google last week announced it would invest in Commonwealth Fusion Systems and buy 200 megawatts of electricity from its forthcoming Arc power plant, scheduled to come online in the early 2030s. In the nuclear fission world, Google has pledged to buy 500 megawatts of electricity from Kairos Power, a small modular reactor startup. The nuclear deals have yet to deliver power — and they won't for five years or more. In the meantime, the company has been on a renewable energy buying spree. In May, the company bought 600 megawatts of solar capacity in South Carolina, and in January, it announced a deal for 700 megawatts of solar in Oklahoma. Google said in 2024 it was working with Intersect Power and TPG Rise Climate to build several gigawatts worth of carbon-free power plants, a $20 billion investment. The outlay isn't surprising given that solar and (to a lesser extent) wind are the only two sources of power that are readily available before the end of the decade. New nuclear power plants take years to permit and build, and even the most optimistic timelines don't see them connecting to the grid or a data center before the end of the decade. Natural gas, which the U.S. has plenty of, is hamstrung by five-plus-year waitlists for new turbines. That leaves renewables paired with battery storage. Google has contracted with enough renewables to match its total consumption, though those sources don't always deliver electrons when and where the company needs them. 'When we announced to the world that we were achieve that 100% annual matching goal, we were very clear that wasn't the end state,' Michael Terrell, Google's head of advanced energy, told reporters last week. 'The end game was 24/7 carbon free energy around the clock everywhere we operate at all times.' Google has some work to do. Worldwide, the company has about 66% of its data center consumption, matched to the hour, powered by carbon-free electricity. But that average papers over some regional challenges. While its Latin American data centers hit 92% last year, its Middle East and Africa facilities are only at 5%. Those hurdles are part of why Google is investing in stable, carbon-free sources like fission and fusion, Terrell said. 'In order for us to eventually reach this goal, we are going to have to have these technologies,' he said.
WIRED
an hour ago
- WIRED
A Pro-Russia Disinformation Campaign Is Using Free AI Tools to Fuel a ‘Content Explosion'
Jul 1, 2025 3:27 PM Consumer-grade AI tools have supercharged Russian-aligned disinformation as pictures, videos, QR codes, and fake websites have proliferated. Photo Illustration: WIRED Staff; Getty Images A pro-Russia disinformation campaign is leveraging consumer artificial intelligence tools to fuel a 'content explosion' focused on exacerbating existing tensions around global elections, Ukraine, and immigration, among other controversial issues, according to new research published last week. The campaign, known by many names including Operation Overload and Matryoshka (other researchers have also tied it to Storm-1679), has been operating since 2023 and has been aligned with the Russian government by multiple groups, including Microsoft and the Institute for Strategic Dialogue. The campaign disseminates false narratives by impersonating media outlets with the apparent aim of sowing division in democratic countries. While the campaign targets audiences around the world, including in the US, its main target has been Ukraine. Hundreds of AI-manipulated videos from the campaign have tried to fuel pro-Russian narratives. The report outlines how, between September 2024 and May 2025, the amount of content being produced by those running the campaign has increased dramatically and is receiving millions of views around the world. In their report, the researchers identified 230 unique pieces of content promoted by the campaign between July 2023 and June 2024, including pictures, videos, QR codes, and fake websites. Over the last eight months, however, Operation Overload churned out a total of 587 unique pieces of content, with the majority of them being created with the help of AI tools, researchers said. The researchers said the spike in content was driven by consumer-grade AI tools that are available for free online. This easy access helped fuel the campaign's tactic of 'content amalgamation,' where those running the operation were able to produce multiple pieces of content pushing the same story thanks to AI tools. 'This marks a shift toward more scalable, multilingual, and increasingly sophisticated propaganda tactics,' researchers from Reset Tech, a London-based nonprofit that tracks disinformation campaigns, and Check First, a Finnish software company, wrote in the report. 'The campaign has substantially amped up the production of new content in the past eight months, signalling a shift toward faster, more scalable content creation methods.' Researchers were also stunned by the variety of tools and types of content the campaign was pursuing. "What came as a surprise to me was the diversity of the content, the different types of content that they started using,' Aleksandra Atanasova, lead open-source intelligence researcher at Reset Tech, tells WIRED. 'It's like they have diversified their palette to catch as many like different angles of those stories. They're layering up different types of content, one after another.' Atanasova added that the campaign did not appear to be using any custom AI tools to achieve their goals, but were using AI-powered voice and image generators that are accessible to everyone. While it was difficult to identify all the tools the campaign operatives were using, the researchers were able to narrow down to one tool in particular: Flux AI. Flux AI is a text-to-image generator developed by Black Forest Labs, a German-based company founded by former employees of Stability AI. Using the SightEngine image analysis tool, the researchers found a 99 percent likelihood that a number of the fake images shared by the Overload campaign—some of which claimed to show Muslim migrants rioting and setting fires in Berlin and Paris—were created using image generation from Flux AI. The researchers were then able to generate images that closely replicate the aesthetic of the published images using prompts that included discriminatory language—such as 'angry Muslim men.' This highlights 'how AI text-to-image models can be abused to promote racism and fuel anti-Muslim stereotypes,' the researchers wrote, adding that it raises 'ethical concerns on how prompts work across different AI generation models.' 'We build in multiple layers of safeguards to help prevent unlawful misuse, including provenance metadata that enables platforms to identify AI generated content, and we support partners in implementing additional moderation and provenance tools,' a spokesperson for Black Forest Labs wrote in an email to WIRED. 'Preventing misuse will depend on layers of mitigation as well as collaboration between developers, social media platforms, and authorities, and we remain committed to supporting these efforts.' Atansova tells WIRED the images she and her colleagues reviewed did not contain any metadata. Operation Overload's use of AI also uses AI-voice cloning technology to manipulate videos to make it appear as if prominent figures are saying things they never did. The number of videos produced by the campaign jumped from 150 between June 2023 and July 2024 to 367 between September 2024 and May 2025. The researchers said the majority of the videos in the last eight months used AI technology to trick those who saw them. In one instance, for example, the campaign published a video in February on X that featured Isabelle Bourdon, a senior lecturer and researcher at France's University of Montpellier, seemingly encouraging German citizens to engage in mass riots and vote for the far-right Alternative for Germany (AfD) party in federal elections. This was fake: The footage was taken from a video on the school's official YouTube channel where Bourdon discusses a recent social science prize she won. But in the manipulated video, AI-voice cloning technology made it seem as if she was discussing the German elections instead. The AI-generated content produced by Operation Overload is shared on over 600 Telegram channels, as well as by bot accounts on social media platforms like X and Bluesky. In recent weeks, the content has also been shared on TikTok for the first time. This was first spotted in May, and while the number of accounts was small—just 13— the videos posted were seen 3 million times before the platform demoted the accounts. "We are highly vigilant against actors who try to manipulate our platform and have already removed the accounts in this report,' Anna Sopel, a TikTok spokesperson, tells WIRED. 'We detect, disrupt and work to stay ahead of covert influence operations on an ongoing basis and report our progress transparently every month.' The researchers pointed out that while Bluesky had suspended 65 percent of the fake accounts, 'X has taken minimal action despite numerous reports on the operation and growing evidence for coordination.' X and Bluesky did not respond to requests for comment. Once the fake and AI generated content is created by Operation Overload, the campaign does something unusual: They send emails to hundreds of media and fact-checking organizations across the globe, with examples of their fake content on various platforms, along with requests for the fact-checkers to investigate if it is real or not. While it may seem counterintuitive for a disinformation campaign to alert those trying to tackle disinformation about their efforts, for the pro-Russia operatives, getting their content posted online by a real news outlet—even if it is covered with the word 'FAKE'—is the ultimate aim. According to the researchers, up to 170,000 such emails were sent to more than 240 recipients since September 2024. The messages typically contained multiple links to the AI-generated content, but the email text was not generated using AI, the researchers said. Pro-Russia disinformation groups have long been experimenting with using AI tools to supercharge their output. Last year a group dubbed CopyCop, likely linked to the Russian government, was shown to be using large language models, or LLMs, to create fake websites designed to look like legitimate media outlets. While these attempts don't typically get much traffic, the accompanying social media promotion can attract attention and in some cases the fake information can end up on the top of Google search results. A recent report from the American Sunlight Project estimated that Russian disinformation networks were producing at least 3 million AI-generated articles each year, and that this content was poisoning the output of AI-powered chatbots like OpenAI's ChatGPT and Google's Gemini. Researchers have repeatedly shown how disinformation operatives are embracing AI tools, and as it becomes increasingly difficult for people to tell real from AI-generated content, experts predict the surge in AI content fuelling disinformation campaigns will continue. 'They already have the recipe that works,' Atanasova says. 'They know what they're doing.'
Android Authority
an hour ago
- Android Authority
Gemini's colorful new look is now as good as official
TL;DR Google's been up to some colorful rebranding this summer, starting with its G logo. Last month, we started noticing a new rainbow-colored star popping up for Gemini's icon. Today Google has started using the new rainbow Gemini look for its X account. A fresh splash of color can really change everything. Whether you're taking the daring step of dyeing your hair blue or just slapping a fun yellow case on your phone, the right color in the right place can be very impactful. Google is one company that's no stranger to colorful displays, having embraced a rainbow palette for its corporate branding decades ago. Here in 2025, we continue to see that rainbow peek out from cloud after cloud, and today we're checking out the latest way it's bringing a little more color to Google's product offerings. Back in May, Google introduced a fun new gradient design for its G logo's multi-colored spread, but more recently we've been tracking efforts to introduce some extra color to Gemini. So far, Gemini has favored red, blue, and purple hues, and while that ultimately helps it stand out a little against the rest of Google's service portfolio, it can also come across a bit dark-looking. Last week, while doing a teardown on a recent Google update we spotted a change that appeared to be in the works for Gemini's four-cornered star logo, dropping the purple routine for a full Google rainbow. And then just yesterday, another update revealed this new rainbow icon getting ready to appear in lots of new places, all around the app. Today, we think we can finally call this rebranding official, as the Google Gemini X channel publicly adopts the rainbow star. Even with Google having taken this big step, we're still waiting to see if the new look will continue to make its presence felt across everywhere Gemini finds a home. Google's Play Store listing is still all blues and purples, as is the site icon used by Gemini on the web — but even that looks like it's already starting to change, as we see in Google Search results. After revisiting the G's rainbow and now this Gemini star action, what are the odds we see this trend continue to spread across all things Google. The vast majority are rainbow already, but can you think of any other corners of its ecosystem that could use a colorful rebrand? Make your case down in the comments. Got a tip? Talk to us! Email our staff at Email our staff at news@ . You can stay anonymous or get credit for the info, it's your choice.
