Cybersecurity experts have identified a new strain of information-stealing malware that exploits an undocumented Google OAuth endpoint, known as MultiLogin. This malware allows attackers to hijack user sessions and generate cookies, which enables them to maintain access to a user's Google account even after the user has reset their password. The exploit's capability for session persistence poses a significant threat to account security, as it circumvents the traditional safeguard of password resetting. The issue has raised alerts within the cybersecurity community, emphasizing the need for increased vigilance and possibly additional security measures for Google account holders. The new malware in the wild has been highlighted across various platforms, with emphasis on the insufficiency of Google password resets to prevent unauthorized access and the relevance to the infosec sector.
ALERT: Hackers have figured out how to access your Google accounts without finding your password — and even if you update your password! https://t.co/9IOZmZVEhT
There is a new malware in the wild that basically let an attacker to access your Google account without knowing your password. (link in first reply) The exploit is using a non-documented Google endpoint called MultiLogin (an endpoint that lets you sync accounts via services).… https://t.co/HJAEQ8G4WO
Malware Using Google MultiLogin Exploit to Maintain Access Despite Password Reset: https://t.co/AnfpD1aD9k by The Hacker News #infosec #cybersecurity #technology #news
🔒 ALERT: Information-stealing malware exploits an undocumented #Google OAuth endpoint, MultiLogin, to hijack user sessions. This allows for session persistence and cookie generation, maintaining access even after a password reset. Read: https://t.co/b19m7WkqxI #cybersecurity
Google Password Resets Not Enough To Stop These Info-Stealing Malware Strains https://t.co/VSCKbUHYmu