Know about new malware risk in Google Chrome


(Daily Point) — Several cybersecurity reports from BleepingComputer, CloudSEK, and Hudson Rock have highlighted a significant vulnerability affecting users of Google Chrome.

This vulnerability allows unauthorized access to Google accounts and login tokens, enabling the extraction and decryption of tokens from the local database. The malware involved can bypass Chrome’s security measures, posing a threat to user accounts, even those protected by two-factor authentication. Notably, the exploit continues to grant access even after users change their passwords.

Despite the severity of the situation, Google is seeking to downplay the significance of the vulnerability. In a statement provided to BleepingComputer, the tech giant asserted that malware attacks aimed at stealing cookies and tokens are not new. Google assured users that it routinely enhances its defenses against such techniques and takes action to secure compromised accounts. The company suggested logging out of the Chrome browser and terminating all active sessions via g.co/mydevices to invalidate the refresh token.

Contrary to external assessments, Google does not view this as a vulnerability, asserting that the API functions as intended. The company recommends user actions to mitigate risks but maintains that the situation is not as critical as some reports suggest.

In a related development, cybersecurity firm CloudSEK revealed that multiple information-stealing malware operations are exploiting a Google OAuth “MultiLogin” API endpoint. This feature allows the generation of new authentication cookies when a victim’s original stolen Google cookies expire. Notably, this method involves stealing multiple tokens from Google Chrome, including authentication cookies for Google sites and a special token for refreshing or generating new authentication tokens.

This new malware trend, exemplified by operations such as Lumma, Rhadamanthys, Stealc, Medusa, RisePro, and Whitesnake, highlights an ongoing challenge for cybersecurity professionals. The attackers leverage the API to continuously refresh authentication tokens, making it imperative for users to be vigilant and take recommended security measures.
