Cybersecurity emergency: Google cookies in the sights of hackers
Security experts alert: Google session data vulnerability under hacker attack
A report indicates that there is malware stealing Google session cookies to access user accounts. Even changing your password doesn't stop the attack. Google is working to fix the problem.
A recent CloudSEK report echoes an evolved threat that worries cyber security experts: specific types of malware have targeted session cookies used by Google services. This data, usually used to keep users connected to their accounts, can be exploited to obtain unauthorized access, without the victim being aware. On the Telegram platform, a potentially malicious channel has spread information about this vulnerability, reinforcing the need for vigilant attention to digital security.
Malware and advanced attack strategies
Google's commonly trusted authentication mechanism is vulnerable to a particular attack method that appears to evade even the protection afforded by two-factor authentication. The technical analysis conducted on the malware algorithms illustrates a complex attack and the use of methods that strike depths of the security architecture, highlighting the ability of attackers to bypass traditional protection systems. Malware like Lumma has been updated to exploit these mechanisms, intensifying the risks for users.
Impact on user security
The danger of such an attack intensifies when it is realized that the compromise persists even after users have changed their login credentials. This gives attackers the ability to withhold access for extended periods, putting user data and privacy at risk. Google, the tech giant that develops the Chrome browser, is aware of this situation and is working to identify and protect compromised profiles.
Recommendations for data protection
For those who need to defend their personal data, the current advice is to follow Google's guidelines, eliminating malicious software and activating safe navigation systems. CloudSEK urges immediate logging out of all profiles in the event of a suspected compromise, as a precaution until Google implements permanent fixes. Furthermore, periodically updating passwords remains a recommended step, although this measure does not guarantee absolute protection against the most sophisticated attacks.
Follow us on Telegram for more pills like this01/13/2024 12:05
Marco Verro