"Securing Google Accounts: Expert Tips to Thwart Password-Less Hack Attacks"

Google has acknowledged that malware is abusing an undocumented Chrome API to generate new authentication cookies, but considers it a standard token theft issue rather than an API flaw. The malware, including operations named Lumma, Rhadamanthys, Stealc, Medusa, RisePro, and Whitesnake, uses the API to refresh expired Google authentication tokens, allowing prolonged unauthorized access to user accounts. Google advises affected users to log out of Chrome or kill active sessions to invalidate the refresh token, and to change their Google password. Despite the potential for ongoing abuse, Google has not indicated plans to restrict API access, and users often remain unaware of infections until their accounts are misused. Cybersecurity firm CloudSEK and BleepingComputer have highlighted the issue, but Google's response has been to recommend general security practices without addressing the specific API abuse.
- Google: Malware abusing API is standard token theft, not an API issue (BleepingComputer)
- Hackers can now access your Google account without password (Hindustan Times)
- Gmail 2024 Hack Attack Advice: Turn It Off And On Again, Google Says (Forbes)
- How to protect Google accounts against hackers - Ex-minister, Pantami advises Nigerians (Daily Post Nigeria)
- Hackers have discovered a way to access Google accounts without a password (The Independent)