A recent report by cybersecurity firm CloudSEK reveals a concerning development in cyber threats, as hackers have found a way to access Google accounts without compromising passwords. The method involves exploiting undocumented OAuth2 functionality using third-party cookies, allowing unauthorized access to private data, even with Google’s two-factor authentication in place.
The report, titled ‘Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking,’ emphasizes the sophistication and stealth of this modern cyber attack. According to CloudSEK threat intelligence researcher Pavan Karthick M, this exploit grants continuous access to Google services, persisting even after a user resets their password. The report underscores the importance of continuous monitoring of technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats.
The threat initially came to light when a hacker shared details about this dangerous malware on Telegram last year, revealing how they could access individuals’ data through website cookies. The method bypasses traditional password protection, posing a significant risk to user privacy.
Notably, Google Chrome, a widely used web browser, is actively addressing the issue by cracking down on third-party cookies. Google stated that it routinely enhances its defenses against such techniques and secures compromised accounts promptly. Users are advised to take proactive measures, including removing any malware from their computers. Google recommends enabling Enhanced Safe Browsing in Chrome as an additional layer of protection against phishing and malware downloads.
As the cybersecurity landscape continues to evolve, users are urged to stay vigilant, adopt security measures, and keep their systems updated to safeguard against emerging threats like this one.