Hackers Discover Way to Access Google Accounts without a Password

0

Hackers have found a method to gain unauthorized access to Google accounts without needing the account holders’ passwords. A cybersecurity company called CloudSEK discovered that a type of malicious software is utilizing third-party cookies to exploit this vulnerability and obtain people’s private data. Hacking groups are actively testing this malware. The hack was initially disclosed on the messaging platform Telegram in October 2023 by a hacker.

The hacker explained that the compromise occurs through a weakness in cookies, which are used by websites and browsers to track users and enhance their browsing experience. Google authentication cookies allow users to access their accounts without repeatedly entering their login credentials. However, the hackers managed to retrieve these cookies, enabling them to bypass two-factor authentication.

To address this issue, Google Chrome, the world’s most widely used web browser with a market share of over 60% last year, is currently taking measures to restrict third-party cookies. To protect their Google accounts, users are advised to carefully consider accepting unnecessary cookies when browsing. Google has acknowledged the vulnerability and is actively working to address it. Users can also protect their accounts by signing out on suspicious or affected devices, regularly removing malware from their devices, and enabling features like “enhanced safe browsing” in Chrome to guard against phishing and malware downloads.

It is important to note that Google has over 1.8 billion Gmail users worldwide, accounting for approximately 24% of the global population. Gmail offers numerous benefits, including robust security control measures and secure storage of emails in the cloud. However, it is essential to remember that no system can be considered 100% secure, and users should always exercise caution and be mindful of cybersecurity best practices.

Leave a Reply

Your email address will not be published. Required fields are marked *