Hackers can log in to Google accounts without a password 3

Hackers can log in to Google accounts without a password 3

Cybercriminals can access a user's Google account through a cookie vulnerability without knowing the password.

Security company CloudSEK has just published research on a form of malware that uses cookies to illegally access users’ private data.

The attack method was first revealed by a hacker in October 2023 on Telegram.

There are many different types of cookies, among which Google authentication cookies help users access their accounts without having to constantly log in.

Some Google applications on the phone.

After reversing the code and analyzing, CloudSEK experts assessed that this was a sophisticated form of exploitation.

`Alarmingly, the exploitation of the vulnerability works effectively as soon as the user has just reset the password. Victims can be tracked for a long time, rarely detected,` CloudSEK emphasized on the severity of the breach.

According to experts, the new form of attack shows that hackers are increasingly sophisticated, tending to hide, looking for long-term effective methods that are more difficult to detect.

Google Chrome currently accounts for about 60% of the Internet browser market share.

`Users should continually follow instructions to remove malware warnings from their computers. We recommend turning on enhanced safe web browser mode when using Chrome to minimize downloads

According to CloudSEK, while waiting for a full solution from Google, users should log out of all existing accounts and profiles on the browser if they suspect they have been attacked.

Leave a Reply

Your email address will not be published. Required fields are marked *