A new zero-day exploit involving cookies is being used by cybercriminals to bypass Google's account protection measures. Malware strains are exploiting undocumented Google OAuth endpoint to regenerate Google cookies, making Google password resets insufficient to stop the info-stealing. Infected Android apps are identified as the carriers of this malware, prompting users to delete them immediately.
Google Password Resets Not Enough To Stop These Info-Stealing Malware Strains https://t.co/Jpo9rlLZ4b
Google password resets not enough to stop these info-stealing malware strains https://t.co/456jsyFggX
This new zero-day exploit involving cookies helps cybercriminals bypass Google’s account protection measures https://t.co/bFgYA9bmhr
Malware exploits undocumented Google OAuth endpoint to regenerate Google cookies: https://t.co/H2PZcGiyuj by Security Affairs #infosec #cybersecurity #technology #news
If you have any of these infected Android apps on your phone, delete them now https://t.co/fnKCUEBgCc