TECH NEWS – Malicious software used Google’s authentication cookies to gain unauthorized access to users’ personal data.

Cybersecurity researchers have identified a system that can be used to break into Google Gmail accounts without a password. Users are asked to be vigilant.

Hackers are increasing their ingenuity, much to the annoyance of Internet users. After several hacking techniques, another scheme was invented. However, they did not expect the work of the researchers of the cybersecurity company CloudSEK, who managed to identify it.

The system is based on a simple principle: to hack Gmail accounts without a password.

This is a threat that can affect any user, which is why it is even more important to know more about it.

Hacking Gmail based on Google cookies

This Machiavellian plan was revealed in a company report. It turned out that the malware reset Google’s authentication cookies to gain unauthorized access to users’ personal data.

Once the software infects your computer, it accesses login information stored in Google Chrome’s local database. So you can steal them and reverse engineer them. After retrieving this information, you can create cookies that can be used to authenticate an account without user approval.

Hackers can still access the account from any device or browser, whether the password has been changed or not. The first detection of the hack dates back to October 2023, when a hacker revealed it on a Telegram channel.

Google denies any breach of security rules

For their part, Google representatives tried to defend the platform in a press release. According to them, their security system is regularly improved to avoid these types of problems: “Google has taken steps to secure detected compromised accounts”.

Overall, users should be responsible for their own safety online. “They should take ongoing steps to remove all malware from their computers, and we recommend enabling Safe Browsing in Chrome to protect against downloading malware,” they explained.

Source: CloudSEK