Hackers can now take control of your Google Account without needing a password. Here’s how it works
Cybercriminals have found a way to gain access to people’s Google accounts without needing their password, and the new exploit gives hackers continued access to Google services even after a user’s password has been reset.
Also Read | After Canada and Palestine, Indian hackers launch cyber attacks on Qatar to avenge death penalty of former Navy officers
The new vulnerability was analysed by security firm CloudSEK and reported by The Independent. Furthermore, the issue first came to the fore when a hacker posted about it on a Telegram channel in October 2023.
The Independent report noted how Google accounts could be compromised due to a vulnerability in third-party cookies, which are used by websites and browsers to track users and increase their efficiency.
In addition, Google’s authentication cookies help users save their login details and log in without having to re-enter them. However, hackers have now found a way to bypass two-factor authentication and retrieve these cookies.
The blogpost by CloudSEK noted, “This exploit enables continuous access to Google services, even after a user’s password is reset…It highlights the necessity for continuous monitoring of both technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats.”
Also Read | ‘9 + 10 = 21’: Hackers expose big flaws and biases in top AI systems by Google, OpenAI. Details here
Meanwhile, The Independent report noted that Google Chrome is currently in the process of upgrading its defences and securing users from falling victim to malware. A Google statement quoted by The Independent read, “We routinely upgrade our defences against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected,” Google said in a statement.
“Users should continually take steps to remove any malware from their computer, and we recommend turning on Enhanced Safe Browsing in Chrome to protect against phishing and malware downloads.” the company further noted
Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it’s all here, just a click away! Login Now!
Download The Mint News App to get Daily Market Updates & Live Business News.
More
Less
Published: 07 Jan 2024, 10:05 AM IST
Cybercriminals have found a way to gain access to people’s Google accounts without needing their password, and the new exploit gives hackers continued access to Google services even after a user’s password has been reset.
Also Read | After Canada and Palestine, Indian hackers launch cyber attacks on Qatar to avenge death penalty of former Navy officers
The new vulnerability was analysed by security firm CloudSEK and reported by The Independent. Furthermore, the issue first came to the fore when a hacker posted about it on a Telegram channel in October 2023.
The Independent report noted how Google accounts could be compromised due to a vulnerability in third-party cookies, which are used by websites and browsers to track users and increase their efficiency.
In addition, Google’s authentication cookies help users save their login details and log in without having to re-enter them. However, hackers have now found a way to bypass two-factor authentication and retrieve these cookies.
The blogpost by CloudSEK noted, “This exploit enables continuous access to Google services, even after a user’s password is reset…It highlights the necessity for continuous monitoring of both technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats.”
Also Read | ‘9 + 10 = 21’: Hackers expose big flaws and biases in top AI systems by Google, OpenAI. Details here
Meanwhile, The Independent report noted that Google Chrome is currently in the process of upgrading its defences and securing users from falling victim to malware. A Google statement quoted by The Independent read, “We routinely upgrade our defences against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected,” Google said in a statement.
“Users should continually take steps to remove any malware from their computer, and we recommend turning on Enhanced Safe Browsing in Chrome to protect against phishing and malware downloads.” the company further noted
Unlock a world of Benefits! From insightful newsletters to real-time stock tracking, breaking news and a personalized newsfeed – it’s all here, just a click away! Login Now!
Download The Mint News App to get Daily Market Updates & Live Business News.
More
Less
Published: 07 Jan 2024, 10:05 AM IST