New malware uses cookies to break into Google Accounts

Main Image
  • Like
  • Comment
  • Share

A new malware threat known as has emerged, posing a severe risk to Google account security. A report by BleepingComputer says, unlike traditional phishing scams or brute-force attacks, leverages a vulnerability in cookies, making it a more insidious threat. 

This malware especially targets automatic login session cookies, collecting them from Chrome browsers and resurrecting them even after password resets and two-factor authentication. Check out the details.

Malware Exploits Cookies to Hack Google Accounts

Worryingly, even if you change your password or set two-factor authentication, the malware can still provide illegal access, working as a concealed spare key under a floorboard. At the moment, multiple malware groups are exploiting this vulnerability, with some claiming to have adapted to Google’s defenses.

CloudSek researchers successfully reverse-engineered the vulnerability, which was first exposed in October 2023 by a bad actor known as PRISMA. While cookie regeneration only works once after a password reset, regeneration is unlimited, allowing attackers to persist.

Google appears to be actively tackling the issue, as indicated by a malware developer’s attempt to circumvent its safeguards. However, the tech titan has not revealed any details about its efforts to offset any damage. It is critical to avoid installing software from unknown sources to protect against such assaults. If inappropriate behavior is identified on Google Chrome accounts, users should take prompt action.

Here are several important safety precautions:

  1. Update Chrome: To patch the vulnerability, make sure you’re running the most recent version.
  2. Stay Cautious: Caution should be exercised while clicking on suspicious links or downloading unknown applications.
  3. Manual Sign Out: Sign out of your Google account whenever possible, especially on shared computers.
  4. Turn on Strong 2FA: While not perfect, two-factor authentication offers an additional layer of security.
  5. Keep an eye out for security alerts: Keep an eye out for any unusual activity in Google security alerts.

While a permanent solution is being developed, this cookie-based virus serves as a reminder of the ever-changing nature of cyber threats. Users can drastically lower their chances of falling prey to this devious attack by following these recommendations and remaining informed. Remember that online security is a shared responsibility, so be cautious.

You can follow Smartprix on Twitter, Facebook, Instagram, and Google News. Visit smartprix.com for the most recent news, reviews, and tech guides.

Related Articles

Image3rd Gen Audi Q7 Revealed Globally With A V8 Engine Option, New Interiors, And Three Seating Configurations

Audi has revealed the third-generation Q7, bringing the most comprehensive update in the lineup’s history after an 11-year run of the outgoing (second-gen) version.  Built on the new Premium Platform Combustion architecture, the 2026 Q7 features an entirely new design, interiors that look like they’ve been sourced from the Q9, is available in three seating …

ImageLeaked Android certificates left millions of smartphones vulnerable to malware

Looks like millions of Android smartphones were literally inches away from mass malware attacks. Devices from LG, Samsung and MediaTek chipsets were subjected to a major Android vulnerability. Once exploited, it would have given cyberattackers complete authority over your device. In fact, the privileges that this vulnerability introduces to the injected malware may be more …

ImageWhy is Google warning its Users Against Downloading the Bard App? Read Story to Find Out

Leading American Tech giant Google is not a stranger to malware with millions of users affected by the issue on Android. However, in the last few months, Google has been facing a new-age malware challenge that involves Google’s own AI chatbot Bard. Apparently, Google Bard is being misused by scammers to infect malware into users’ …

ImageHere’s How You Can Try Google’s New 3D Emojis Before the Official Rollout

Google recently unveiled Noto 3D, its biggest emoji redesign since Android 11 introduced the current Noto Color Emoji set in 2020. The new emojis were showcased during The Android Show ahead of Android 17 and feature fully modeled 3D designs instead of the flatter style Android users have become familiar with over the past several …

ImageForget The Chromebook: Google’s New Googlebook Is Built Entirely Around Gemini Intelligence

About fifteen years ago, Google launched the Chromebook, a new category of devices built for cloud-based workflows that required relatively lighter hardware but helped users get a capable machine at a very reasonable price. The browser-first device found its way into schools, offices, and homes around the world.  Also Read: From Grocery Lists to Custom …

Discuss

1 Comment
Be the first to leave a comment.

Related Products