Hackers Exploit Undocumented OAuth2, Gaining Unauthorized Access to Google Accounts Without Passwords
The alarming emergence of a new cyber threat has revealed that hackers can now gain unauthorized access to Google accounts without needing passwords. This dangerous form of malware, first disclosed by a hacker on Telegram, exploits undocumented OAuth2 functionality, enabling access to individuals’ private data even after implementing Google’s two-factor authentication. CloudSEK, a cybersecurity firm, detailed the threat in a report titled ‘Compromising Google Accounts: Malware Exploiting Undocumented OAuth2 Functionality for session hijacking.’ The exploit allows continuous access to Google services post-password reset, emphasizing the need for vigilant monitoring to combat evolving cyber threats.
According to the CloudSEK report, cybercriminals leverage third-party cookies for unauthorized entry, a tactic that exposes the complexity and stealth of modern cyber-attacks. Pavan Karthick M, a threat intelligence researcher at CloudSEK, emphasized the importance of continuously monitoring technical vulnerabilities and human intelligence sources to stay ahead of emerging threats.
The hacker’s revelation on Telegram sparked concerns about data access through website cookies. This threat poses a significant challenge, as it allows continuous access to Google services even after users reset their passwords. CloudSEK underscored the necessity of ongoing vigilance and proactive measures to counteract such cyber threats.
In response to the threat, Google assured users that it routinely enhances its defences against such techniques and takes action to secure compromised accounts. The company recommended users remove any malware from their computers and enable Enhanced Safe Browsing in Chrome for protection against phishing and malware downloads.
Meanwhile, Google Chrome is actively addressing concerns related to third-party cookies. The browser’s crackdown on these cookies aligns with efforts to enhance user privacy and security. Google’s response emphasizes the collaborative effort needed between users and technology companies to thwart sophisticated cyber threats effectively.
This evolving cyber threat highlights the persistent challenges in maintaining digital security and underscores the importance of adopting proactive measures. As cybercriminals continue to refine their tactics, individuals and organizations must stay informed, employ robust security practices, and leverage advanced technologies to safeguard sensitive information and maintain the integrity of online accounts.
The report from CloudSEK serves as a timely reminder for users to remain vigilant, implement security best practices, and stay informed about emerging cyber threats. As the digital landscape evolves, the collaboration between cybersecurity experts and end-users becomes increasingly crucial to ensure a secure online environment.
