A new malware threat known as has emerged, posing a severe risk to Google account security. A report by BleepingComputer says, unlike traditional phishing scams or brute-force attacks, leverages a vulnerability in cookies, making it a more insidious threat.
This malware especially targets automatic login session cookies, collecting them from Chrome browsers and resurrecting them even after password resets and two-factor authentication. Check out the details.
Malware Exploits Cookies to Hack Google Accounts
Worryingly, even if you change your password or set two-factor authentication, the malware can still provide illegal access, working as a concealed spare key under a floorboard. At the moment, multiple malware groups are exploiting this vulnerability, with some claiming to have adapted to Google’s defenses.
CloudSek researchers successfully reverse-engineered the vulnerability, which was first exposed in October 2023 by a bad actor known as PRISMA. While cookie regeneration only works once after a password reset, regeneration is unlimited, allowing attackers to persist.
Google appears to be actively tackling the issue, as indicated by a malware developer’s attempt to circumvent its safeguards. However, the tech titan has not revealed any details about its efforts to offset any damage. It is critical to avoid installing software from unknown sources to protect against such assaults. If inappropriate behavior is identified on Google Chrome accounts, users should take prompt action.
Here are several important safety precautions:
- Update Chrome: To patch the vulnerability, make sure you’re running the most recent version.
- Stay Cautious: Caution should be exercised while clicking on suspicious links or downloading unknown applications.
- Manual Sign Out: Sign out of your Google account whenever possible, especially on shared computers.
- Turn on Strong 2FA: While not perfect, two-factor authentication offers an additional layer of security.
- Keep an eye out for security alerts: Keep an eye out for any unusual activity in Google security alerts.
While a permanent solution is being developed, this cookie-based virus serves as a reminder of the ever-changing nature of cyber threats. Users can drastically lower their chances of falling prey to this devious attack by following these recommendations and remaining informed. Remember that online security is a shared responsibility, so be cautious.