New malware enables hackers to access Google accounts without passwords

Buzz

CloudSEK security company discovers new types of malware that allow hackers to easily access victims' Google accounts without passwords.

In today's digital world, cybersecurity is always a top concern. A recent discovery by CloudSEK security company has raised a new concern that hackers can access users' Google accounts without knowing their passwords. This method poses a significant challenge for both users and service providers.

In today's digital world, cybersecurity is always a top concern.

This discovery reveals that hacker groups are becoming more sophisticated in their attack techniques by using cookies, a familiar tool in daily web browsing experience. Cookies are commonly used to remember user behaviors, thereby enhancing internet experience. However, in this case, they become a tool for illicit activities.

This discovery reveals that hacker groups are becoming more sophisticated in their attack techniques

The problem lies in the authentication cookie developed by Google to allow users to access accounts without constant login. Hackers have found a vulnerability in this mechanism, allowing them to bypass two-factor authentication and access accounts without passwords. This is a complex form of exploitation, requiring deep understanding of Google's authentication mechanism as well as profound knowledge of security.

Hackers have found a vulnerability in this mechanism, allowing them to bypass two-factor authentication

More dangerously, this attack method remains effective even when users have just reset their passwords and is challenging to detect. In October 2023, a hacker shared the method of infiltrating Google accounts through this cookie vulnerability on Telegram, further escalating the danger of the issue.

Google has been striving to enhance technical measures to detect unauthorized logins through this security flaw. The company also advises users to enable advanced safe browsing mode when using Chrome and follow instructions to remove malware from their computers.

In October 2023, a hacker shared the method of infiltrating Google accounts

While awaiting a comprehensive solution from Google, CloudSEK advises users who suspect being targeted to log out of all accounts and profiles in the browser, then reset passwords and log back in. Though not guaranteeing absolute safety against this new form of attack, this can create a significant barrier for unauthorized access to user accounts.

CloudSEK advises users to log out of all accounts if they suspect being targeted

With the continuous development of technology, safeguarding personal data online becomes an important and urgent task. CloudSEK's discovery serves not only as a warning of potential risks but also as a reminder of the importance of raising awareness and knowledge of security for every Internet user.

To protect personal data, users need to become more vigilant and proactive in securing information

Most importantly, this incident serves as a clear wake-up call about cybersecurity risks to personal accounts. To safeguard personal data, users need to become more cautious and proactive in securing their information. Regularly updating passwords, using two-factor authentication, and avoiding sharing login information are crucial steps. Additionally, staying vigilant and promptly updating new security measures from service providers is key to staying safe against increasingly sophisticated threats in the digital world.

The content is developed by the Mytour team with the aim of customer care and solely to inspire travel experiences. We do not take responsibility for or provide advice for other purposes.

If you find this article inappropriate or containing errors, please contact us via email at [email protected]