Hackers can now take control of your Google Account without needing a password. Here's how it works
After Canada and Palestine, Indian hackers launch cyber attacks on Qatar to avenge death penalty of former Navy officers The new vulnerability was analysed by security firm CloudSEK and reported by The Independent. Furthermore, the issue first came to the fore when a hacker posted about it on a Telegram channel in October 2023.
The Independent report noted how Google accounts could be compromised due to a vulnerability in third-party cookies, which are used by websites and browsers to track users and increase their efficiency. In addition, Google's authentication cookies help users save their login details and log in without having to re-enter them.
However, hackers have now found a way to bypass two-factor authentication and retrieve these cookies. The blogpost by CloudSEK noted, “This exploit enables continuous access to Google services, even after a user’s password is reset…It highlights the necessity for continuous monitoring of both technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats." Also Read | '9 + 10 = 21': Hackers expose big flaws and biases in top AI systems by Google, OpenAI.
Details here Meanwhile, The Independent report noted that Google Chrome is currently in the process of upgrading its defences and securing users from falling victim to malware. A Google statement quoted by The Independent read, “We routinely upgrade our defences against such techniques and to secure users who fall victim to malware.
In this instance, Google has taken action to secure any compromised accounts detected," Google said in a statement. “Users should continually take steps to remove any malware from their computer, and we recommend turning on Enhanced Safe Browsing in Chrome to
. Read more on livemint.com
