Google accounts unlocked: Password hack revealed by cunning cyber geniuses

January 7, 2024
1 min read

Security researchers have discovered a new hack that allows cyber criminals to gain access to Google accounts without needing the user’s password. The hack exploits vulnerabilities in third-party cookies, which are used by websites and browsers to track users. By retrieving these cookies, hackers can bypass two-factor authentication and gain unauthorized access to sensitive data. Google is aware of the issue and is taking steps to secure affected accounts, but experts emphasize the need for continuous monitoring of both technical vulnerabilities and human intelligence to stay ahead of emerging cyber threats.

Key Points:

  • A new hack allows cyber criminals to access Google accounts without passwords.
  • The hack exploits vulnerabilities in third-party cookies used by websites and browsers.
  • By retrieving these cookies, hackers can bypass two-factor authentication.
  • Google is working to secure affected accounts and recommends Enhanced Safe Browsing in Chrome.
  • Continuous monitoring of vulnerabilities and human intelligence is vital to stay ahead of cyber threats.

Summary:

Security researchers have discovered a hack that enables cyber criminals to gain access to people’s Google accounts without needing their passwords. The hack exploits vulnerabilities in third-party cookies, which are used by websites and browsers to track users and improve their usability. The hackers were able to retrieve Google authentication cookies to bypass two-factor authentication and gain unauthorized access to sensitive data.

The hack was first revealed in October 2023 by a hacker on the messaging platform Telegram. Since then, it has been actively tested by hacking groups. Google is aware of the issue and is taking action to secure compromised accounts. The company advises users to remove any malware from their computers and enable Enhanced Safe Browsing in Chrome to protect against phishing and malware downloads.

Experts warn that this hack highlights the complexity and stealth of modern cyber attacks. The ability to gain continuous access to Google services, even after resetting a user’s password, underscores the need for continuous monitoring of technical vulnerabilities and human intelligence sources in order to stay ahead of emerging cyber threats.

While Google is cracking down on third-party cookies in its Chrome web browser, it is important for users to remain vigilant and take steps to protect their accounts. Cyber security is an ongoing concern, and it is crucial for individuals and organizations to stay updated on the latest threats and take appropriate measures to safeguard their data.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and