Security researchers have documented a technique that lets attackers keep using a victim's Google account without knowing the password, and keep using it even after the password is changed. It is not a breach of Google's own systems: the attacker first needs malware running on the victim's machine. Here is what is known so far.
Security firm CloudSEK uncovered the technique after a threat actor advertised it on a Telegram channel in October 2023. The attack does not depend on a weakness in third-party cookies. Instead, info-stealing malware reads the login token that Chrome keeps on disk for signed-in Google accounts and feeds it to an undocumented Google OAuth endpoint, which hands back fresh, valid session cookies. Because those cookies represent a session that already passed login, two-factor authentication never comes into play.
CloudSEK's blog post explained that this gives attackers "continuous access to Google services, even after a user's password is reset." It is a reminder that defenders need to watch technical weaknesses and criminal chatter alike to stay ahead of threats.
Google’s Response
Google said it is aware of the reports, that attacks using malware to steal cookies and tokens are not new, and that it routinely upgrades Chrome's defenses against such techniques. In its statement, Google said it has taken action to secure any compromised accounts it detects, and it noted that stolen sessions can be invalidated by signing out of the affected browser or revoked remotely from the account's devices page. It advises users to remove any malware from their computers and to turn on Enhanced Safe Browsing in Chrome for added protection against malicious downloads and sites.
How It Works
The technique, described by CloudSEK, revolves around an undocumented Google OAuth endpoint called "MultiLogin," which Chrome uses internally to sync Google accounts across services. Given a stolen token and account identifier lifted from Chrome's local profile data, the endpoint can be called to regenerate working session cookies. The stolen token stays valid until the session is revoked, and a password reset on its own does not revoke it, which is why attackers can keep accessing the account after the victim changes the password.
Unfortunately, malware authors wasted no time building the technique into their tools. Info-stealer families including Lumma, Rhadamanthys, RisePro, Meduza, and Stealc have reportedly adopted it, so any machine infected with one of these stealers should be treated as having had its Google sessions exposed.
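The stealers above cannot reach MultiLogin without first reading Chrome's on-disk profile files, so a useful hunting signal is any process other than the browser opening the profile's Cookies, Web Data, or Login Data files. The following detection is an added example written for this page, not code from CloudSEK or Google; the log format, the process names, and the default Windows profile layout it matches against are all assumptions, and the audit lines it scans are constructed.

```python
"""Flag non-browser processes that read Chrome's on-disk credential stores.

Added example (not from CloudSEK or Google). An info-stealer has to read
Chrome's profile files (the cookie jar and the "Web Data" database that
holds the sync/login token) before it can abuse MultiLogin, so a file-access
audit line showing a non-browser process opening those files is worth triage.

The log line format, process names and paths below are constructed for this
example; adapt the regex to whatever your EDR or audit policy actually emits.
"""
import re
from dataclasses import dataclass

# Chrome profile files that hold session material (default Windows layout assumed).
SENSITIVE_FILES = {"web data", "cookies", "login data"}
# Any path segment "\User Data\<profile>\" marks a Chromium profile directory.
PROFILE_MARKER = re.compile(r"\\user data\\[^\\]+\\", re.IGNORECASE)
# Processes expected to touch these files; everything else is reported.
ALLOWED_PROCESSES = {"chrome.exe"}

# Assumed generic audit line: <timestamp> FileAccess process="..." path="..."
LINE_RE = re.compile(
    r'^(?P<ts>\S+)\s+FileAccess\s+process="(?P<proc>[^"]+)"\s+path="(?P<path>[^"]+)"'
)


@dataclass
class Finding:
    timestamp: str
    process: str
    path: str


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1]


def is_chrome_credential_store(path: str) -> bool:
    """True when path points at Cookies / Web Data / Login Data inside a Chrome profile."""
    normalized = path.replace("/", "\\")
    if not PROFILE_MARKER.search(normalized):
        return False
    return _basename(normalized).lower() in SENSITIVE_FILES


def find_suspicious_access(lines):
    """Return a Finding for every non-browser process that opened a credential store."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a file-access event in the assumed format
        proc = m.group("proc")
        if _basename(proc).lower() in ALLOWED_PROCESSES:
            continue  # the browser itself is expected to read its own profile
        if is_chrome_credential_store(m.group("path")):
            findings.append(Finding(m.group("ts"), proc, m.group("path")))
    return findings


# Constructed sample events: one legitimate Chrome read, three suspicious reads
# by an executable dropped in Temp, and one unrelated file the same process opened.
SAMPLE_LOG = [
    r'2023-10-21T09:14:02Z FileAccess process="C:\Program Files\Google\Chrome\Application\chrome.exe" path="C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Web Data"',
    r'2023-10-21T09:15:10Z FileAccess process="C:\Users\alice\AppData\Local\Temp\invoice.exe" path="C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Web Data"',
    r'2023-10-21T09:15:11Z FileAccess process="C:\Users\alice\AppData\Local\Temp\invoice.exe" path="C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies"',
    r'2023-10-21T09:15:12Z FileAccess process="C:\Users\alice\AppData\Local\Temp\invoice.exe" path="C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data"',
    r'2023-10-21T09:15:13Z FileAccess process="C:\Users\alice\AppData\Local\Temp\invoice.exe" path="C:\Users\alice\Documents\report.docx"',
]

if __name__ == "__main__":
    for f in find_suspicious_access(SAMPLE_LOG):
        print(f"{f.timestamp}  {f.process}  ->  {f.path}")
```

Backup agents, sync clients, and some security products legitimately read these files too, so in production the allowlist grows with what your fleet shows, but a fresh binary out of a Temp directory reading Web Data and the cookie jar within seconds is exactly the pattern these stealers leave behind.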
What You Should Do
If you suspect your machine was infected and your Google account may be affected, here is what CloudSEK recommends, in this order:
- Sign out of all your devices and browsers (or revoke the sessions from your Google account's devices page). This is what actually invalidates the stolen token.
- Only then reset your password with something strong and unique, and sign back in.
A password reset on its own is not enough here, because the stolen token survives it; the attacker's access ends when the sessions are revoked. Removing the malware first also matters, since a stealer still on the machine will simply grab the new token.
This discovery is a reminder that a valid session token is as good as a password, and that changing the password does not always end a compromise. As Google and others work on defenses, keep an eye on your account's signed-in devices and recent activity; if something looks off, sign out everywhere and take action. Your digital safety is worth it.