Malware Targeting Google Accounts Emerges
Cybersecurity researchers in recent developments, have unearthed a concerning hacking technique that grants cybercriminals access to Google accounts without needing users’ passwords. This dangerous form of malware employs third-party cookies to infiltrate personal data, and it’s currently undergoing active testing by hacking groups.
The discovery of this exploit traces back to October 2023 when a hacker shared details about it on a Telegram channel. The hacker explained how accounts could be compromised through a vulnerability involving cookies, which are commonly used by websites and browsers to enhance user experience.
Google authentication cookies, designed to allow users access without frequent password entries, became the target of this malware. The hackers found a way to retrieve these cookies, bypassing even two-factor authentication.
The Google Chrome web browser, with over 60% market share, is now actively addressing the issue by cracking down on third-party cookies. Google responded by stating, “We routinely upgrade our defences against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected.”
The complexity and stealth of modern cyber-attacks are underscored by this exploit. Pavan Karthick M, a threat intelligence researcher at CloudSEK, warns that “this exploit enables continuous access to Google services, even after a user’s password is reset.” He emphasizes the need for continuous monitoring of vulnerabilities and human intelligence to stay ahead of emerging cyber threats.
Google advises users to take steps to remove any malware from their computers and recommends turning on Enhanced Safe Browsing in Chrome for added protection against phishing and malware downloads.
This security concern, detailed in the report titled ‘Compromising Google accounts: Malware Exploiting Undocumented OAuth2 Functionality for session hijacking,’ sheds light on the evolving landscape of cyber threats and the importance of staying vigilant to protect online accounts.
Post Disclaimer
The opinions, beliefs and viewpoints expressed by the author and forum participants on this website do not necessarily reflect the opinions, beliefs and viewpoints of Anaedo Online or official policies of the Anaedo Online.