- Hackers discover new technique to access Google accounts without passwords.
- Exploit utilizes cookies to gain unauthorized access to personal data.
- Urgent need for continuous monitoring and enhanced security measures to protect against emerging cyber threats.
The technique, actively tested by hacking groups, leverages third-party cookies to gain unauthorized access to people’s private data. This means that even after a user’s password is reset, the hackers can still retrieve these cookies in order to access their accounts without their permission. Such an attack highlights the necessity for continuous monitoring of both technical vulnerabilities and human intelligence sources to stay ahead of emerging cyber threats.
Cloudsek, a leading cybersecurity company, first discovered this dangerous form of malware. Pavan Karthick, a threat intelligence researcher at Cloudsek, stated, “We have uncovered a hack that lets hackers access people’s Google accounts without needing their passwords. This exploit was first mentioned on an undocumented Telegram channel used by cybercriminals.”
Google, in response to this alarming discovery, has assured its users that it is actively cracking down on third-party cookies and routinely upgrading its defenses against such techniques. The company advises users to secure their accounts by enabling two-factor authentication and taking steps to remove any malware from their computers.
“We take the security of our users’ accounts very seriously,” said a spokesperson from Google. “We continually take steps to remove any malware and secure our users who may fall victim to these types of attacks. Our priority is to protect our users’ private data and ensure the integrity of our services.”
The exploit, which has already been actively tested by hacking groups, underscores the importance of cybersecurity awareness and vigilance among internet users. It serves as a stark reminder of the need for individuals to routinely upgrade their defenses against emerging threats.
About Google Inc
Google is dedicated to providing comprehensive protection against evolving cyber threats. With a team of expert researchers and advanced technologies, we strive to safeguard businesses and individuals from malicious activities and data breaches.