In a recent report it was founded out that cybercriminals had found a way to access into google accounts without the need of password this new exploit give hackers to access continuously into Google services even after the password had been reset. Because of this Issue google is upgrading its defences to protect its users from phishing and malware attacks.
Table of Contents
How it Can get exploited
Addition to this Google’s authentication cookies can help the users save their login details without having to reenter them but hackers had found out a new way to go past the two factor authentication and retrieve in the cookies.
A blogpost by cloudSEK notes that “this leverage enables continuous access to google services even after the users reset the password this points out the importance of continuous monitoring of technical vulnerabilities and human intelligence sources to stay ahead of the emerging cyber threats”
who revealed the details
The thread was first revealed when a hacker posted last year in telegram about the dangerous forms of malware which was reported in The Independent the hacker also mentioned the way they can access people’s data through the cookies which is used by the websites. “We do routine upgrades in our defences against such techniques and to secure users who fall victim to the malware. This instance, Google has decided to take action to secure any accounts detected. Users should take steps to remove any malware from their computer, and we recommend turning on Enhanced Safe Browsing in google chrome to protect against phishing and malware downloads, the company further added to The independent.