"New Malware Exploits Google OAuth to Hijack Accounts Despite Password Changes"
Originally Published 2 years ago — by 9to5Google
A new malware exploit targets Google Chrome to extract and decrypt login tokens, allowing attackers to create persistent Google cookies for account access, even after password changes. The vulnerability, which has been sold by multiple malware groups since mid-November, can bypass traditional security measures like password resets and potentially two-factor authentication. Users are advised to avoid installing unfamiliar software to prevent such malware infections.