In a recent cybersecurity development, hackers have uncovered a loophole allowing them to access Google accounts without requiring the account password. This newly identified vulnerability grants cybercriminals persistent access to Google services even after the user resets their password.
Security firm CloudSEK conducted an analysis of this alarming exploit, initially brought to attention when a hacker disclosed the method on a Telegram channel in October 2023. The vulnerability revolves around third-party cookies, integral to websites and browsers for user tracking and enhanced efficiency.
Specifically, Google’s authentication cookies, designed to facilitate user login without repeated password entry, become susceptible to compromise. Hackers can bypass two-factor authentication measures, gaining access to these cookies and compromising the targeted Google account.
CloudSEK emphasized the severity of the situation in a blog post, stating, “This exploit enables continuous access to Google services, even after a user’s password is reset… It highlights the necessity for continuous monitoring of both technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats.”
Addressing the issue, Google Chrome is currently in the process of reinforcing its defenses to safeguard users from falling victim to such exploits. Google issued a statement in response to the situation, saying, “We routinely upgrade our defences against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected. Users should continually take steps to remove any malware from their computer, and we recommend turning on Enhanced Safe Browsing in Chrome to protect against phishing and malware downloads.”
This development underscores the critical importance of staying vigilant against evolving cyber threats, urging users to adopt best practices in securing their online accounts and regularly update security measures.