Google accounts: Hackers bypass passwords with undetected cookie vulnerability

Cybersecurity researchers have sounded the alarm over a critical vulnerability allowing hackers to access Google accounts without passwords. This exploit, discovered in October 2023, leverages malicious malware that targets third-party cookies used by Google accounts for authentication.

Services like Malwarebytes offer multi-layered protection against exploits like the one targeting Google accounts through third-party cookies. Malwarebytes Personal and Premium can detect and remove the malicious software used in this attack, preventing them from stealing your cookies in the first place.

Browser Guard adds another line of defence by blocking malicious websites and trackers that might try to exploit vulnerabilities. Furthermore, Malwarebytes Privacy VPN encrypts your online traffic, making it significantly harder for hackers to intercept your cookies even if malware infects your device.

By using these services in combination, you can significantly reduce your risk of falling victim to this type of exploit and protect your Google account and other online identities.

What Google accounts users should know

The hack

Hackers exploit a flaw in how Google’s authentication system handles cookies. These cookies, meant to streamline logins, can be intercepted by the malware, granting attackers access to the account even after password resets. This bypasses even two-factor authentication, adding another layer of concern.

Impact and response

While Google has secured compromised accounts and continues to improve its defences, individual users remain vulnerable. Researchers and Google advise taking proactive steps like removing malware and enabling Chrome’s “Enhanced Safe Browsing” feature.

Complexity and Significance: This hack highlights the evolving sophistication of cyber threats. Pavan Karthick M, the researcher who first uncovered the vulnerability, emphasises the need for continuous monitoring and intelligence gathering to stay ahead of these evolving threats.

Malwarebytes

Students save big with Malwarebytes!

Bring Malwarebytes to the classroom and save 50% on our plans for up to two devices.

Call to action

All Google users should be vigilant and take recommended security measures to protect their accounts. This incident underscores the importance of staying informed about evolving cyber threats and adopting robust security practices.

Additional details:

The exploit leverages an undocumented Google OAuth2 functionality.
The hack was first made public on a Telegram channel in October 2023.
A detailed report on the vulnerability titled “Compromising Google Accounts: Malware Exploiting Undocumented OAuth2 Functionality for session hijacking” is available from CloudSEK.

10 Steps users can follow to protect Google accounts

Here are 10 steps you can follow to protect yourself from the Google account cookie exploit:

Install and regularly update antivirus and anti-malware software

Use reputable software like Malwarebytes Personal or Premium to detect and remove malware that could steal your cookies.

Malwarebytes

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being. Removes malware and spyware Detects and removes malware and other advanced threats. Automatically finds malware 24/7 Detects malware in real-time, before it can be a danger to your device. Stops exploit attacks* Shields vulnerable systems and software from exploit attacks. Blocks ransomware attacks* Stops ransomware attacks before your data is held hostage. Shields against malicious websites* Prevents access to and from known malicious websites.

Enable enhanced safe browsing in Chrome

This feature helps block malicious websites and downloads that could lead to malware infections.

Use a VPN

A VPN encrypts your online traffic, making it harder for hackers to intercept your cookies, even if malware is present. Malwarebytes Privacy VPN is a good option.

Be cautious about email attachments and links

Don’t open attachments or click links from unknown or suspicious sources, as they could contain malware.

Why use a VPN

SECURITY: Our secure VPN sends your internet traffic through an encrypted VPN tunnel, so your passwords and confidential data stay safe, even over public or untrusted Internet connections.

PRIVACY: Keep your browsing history private. As a Swiss VPN provider, we do not log user activity or share data with third parties. Our anonymous VPN service enables Internet without surveillance.

FREEDOM: We created ProtonVPN to protect the journalists and activists who use ProtonMail. ProtonVPN breaks down the barriers of Internet censorship, allowing you to access any website or content.

Get ProtonVPN Now

Avoid downloading software from untrusted websites

Stick to official app stores and websites to download software to reduce the risk of malware infections.

Keep your software and operating system up to date

Install security patches promptly to address newly discovered vulnerabilities.

Use strong, unique passwords for all your online accounts

Avoid using the same password for multiple accounts, and make sure your passwords are complex and difficult to guess.

Sweet TnT 100 West Indian Recipes

Sweet TnT 100 West Indian Recipes is your kitchen guide to cooking in the Caribbean. Add flavour to your pot and put a smile on everyone’s faces with the right amount of seasonings, spices and stories about the foods you prepare. This cookbook contains 100 tantalising recipes and full colour photographs of home-cooked meals, street foods, treats and drinks that are known in the West Indies for having particular names, ingredients and preparations. The 10 sections are Breads, Fillings, Chutneys and Sauces, Soups, Main Dishes, Salads, Drinks, Desserts, Sweet Snacks and Savoury Snacks. • Kindle – US$4.99 • Paperback – US$29.91

Enable two-factor authentication (2FA) on your Google account

This adds an extra layer of security, even if your password is compromised.

Regularly check your Google account activity

Look for any suspicious logins or activity that you don’t recognise.

Be vigilant about phishing scams

Phishing emails try to trick you into revealing personal information or clicking on malicious links. Be cautious of emails that claim to be from Google or other reputable companies.

LifeLock | Identity Theft Protection

Identity theft can happen easily. LifeLock makes protection easy, too. Get alerts† to possible threats by text, phone call, email or mobile app, lock accounts with one click, and if your identity gets stolen, we work to fix it. • Scan • Alert • Fix • Up to $3 Million Coverage

Google accounts remain vulnerable despite hack fix: Protect yourself!

While Google has addressed a recent vulnerability that allowed attackers to hijack Google accounts even after password resets, individual users still face risks. This incident highlights the ever-evolving nature of cyber threats and the importance of robust security practices for all Google accounts users.

Here’s a call to action:

Be vigilant and take recommended security measures to safeguard your Google accounts.
Stay informed about evolving cyber threats and adopt robust security practices.

Remember, protecting your Google accounts is crucial in today’s digital landscape. Follow the recommended steps and stay vigilant to stay ahead of potential threats.

______________________________________