"Google Accounts May Be Vulnerable to New Hack, Changing Password Won't Help"

According to CloudSEK researchers, a threat actor known as PRISMA boasted a powerful zero-day exploit and developed a sophisticated solution for generating persistent Google cookies by manipulating a token. This exploit allows for continued access to Google services, even after a user's password has been reset. Open Authorization 2.0 (OAuth 2.0) is a protocol for securing and authorizing access to resources on the Internet. CloudSEK's threat research team discovered the exploit's root at an undocumented Google OAuth endpoint called "MultiLogin, which is an internal mechanism for synchronizing Google accounts across services, ensuring that browser account states are in alignment with Google's authentication cookies. This article continues to discuss the new method that enables hackers to compromise Google accounts and maintain valid sessions.

Cybernews reports "Google Accounts May Be Vulnerable to New Hack, Changing Password Won't Help"

Submitted by grigby1

Submitted by Gregory Rigby on