Hackers can now access Google accounts without passwords: Report
A new type of malware exploit has been discovered, in which hackers can gain access to Google accounts without the need for a password, according to a recent report by CloudSEK, a cyber threat monitoring platform. As per the report, this form of cyberattack leverages a vulnerability related to third-party cookies and poses a serious threat to user privacy.
The exploit, originally discovered in October 2023, was first disclosed by a hacker on Telegram, as per a report by the British online newspaper The Independent. According to the hacker, the malware manipulates Google authentication cookies without repeated login requirements. This technique allows cybercriminals to bypass two-factor authentication, posing a significant risk to users who rely on these additional security measures.
The vulnerability specifically targets Google Chrome, the world's most widely used web browser with over 60% market share, adds The Independent report. Google, in response to the revelation, stated, "We routinely upgrade our defences against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected."
While Google is actively working to enhance security by cracking down on third-party cookies in the Chrome browser, users are urged to remain vigilant. Google advises users to regularly remove any malware from their devices and recommends activating 'Enhanced Safe Browsing' in Chrome to safeguard against phishing attempts and malware downloads.
In the report titled 'Compromising Google accounts: Malware exploiting undocumented OAuth2 functionality for session hijacking', Pavan Karthick M, Threat Researcher at CloudSEK, emphasised the significance of continuous monitoring for both technical vulnerabilities and human intelligence sources to effectively counter emerging cyber threats.
Karthick added in the report that the exploit enables continuous access to Google services, even after a user's password is reset. As such, users should stay informed about potential threats and take proactive measures to secure their accounts.