Security researchers have identified a sophisticated hack that enables cybercriminals to gain unauthorized access to individuals’ Google accounts without requiring their passwords.
The exploit, discovered by security firm CloudSEK, relies on a dangerous form of malware that leverages third-party cookies to gain access to private data.
Unveiling Cyber Threats
Even more alarming is the fact that hacking groups are actively testing this malicious method. The exploit first came to light in October 2023 when a hacker disclosed the vulnerability on the Telegram messaging platform.
The hacker detailed how accounts could be compromised through a weakness in cookies, which are commonly used by websites and browsers to track users and enhance efficiency.
Notably, Google authentication cookies are designed to allow users seamless access to their accounts without the need for repeated login credentials. However, hackers have found a way to retrieve these cookies, enabling them to bypass two-factor authentication safeguards.
Google Chrome, the world’s most widely used web browser with a market share exceeding 60% last year, is presently tightening its stance on third-party cookies. Despite these efforts, security researchers caution that this exploit underscores the complexity and stealth of contemporary cyber attacks.
“We routinely upgrade our defenses against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected,” stated Google in response to the security threat.
The tech giant also recommended users take proactive measures to remove any malware from their computers and enable Enhanced Safe Browsing in Chrome for protection against phishing and malware downloads.
Google Security Alert
The severity of the threat lies in its ability to provide continuous access to Google services, even after a user resets their password. Pavan Karthick M, a threat intelligence researcher at CloudSEK, emphasized the importance of continuous monitoring of both technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats.
The details of this security issue have been documented in a report titled ‘Compromising Google accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking,’ authored by Pavan Karthick M of CloudSEK’s threat intelligence team.
As the cybersecurity landscape evolves, it is imperative for users to remain vigilant, adopt robust security measures, and stay informed about emerging threats in the digital realm.