Security researchers have announced that they have discovered a vulnerability that allows file exfiltration from Google Chrome. Malicious users can exploit the Chrome vulnerability to access the Google account of anyone they want by downloading cookies. Here are the details…
Hackers can access your Google account through a Chrome vulnerability
According to the post shared by BleepingComputer and CloudSEK, “Hackers can hijack your login credentials stored in Google Chrome’s local database by installing a virus on your computer.”
It can be used to send requests to a Google API, normally used by Chrome to synchronize accounts on different Google services, and to create “stable and persistent Google cookies” responsible for authentication that can be used to access your account. It is not yet known whether two-factor authentication offers any protection in this case.
Basically, adding the key from the restore files allows cookies to be re-authorized and remains valid even after a password change. Analysts note that even after the Google Account password has been reset, this exploit can be used once again by the malicious actor to gain access to your account.
According to BleepingComputer’s report, more than six hacker groups have access to this vulnerability. It should be noted that no patch has been released by Google on this issue.
To avoid being affected by the vulnerability exploited by hackers, we recommend that you do not log in to websites you do not trust. You can review our article on the best free antivirus programs to protect your computer from malicious people.
What do you think about this vulnerability? Don’t forget to share your ideas with us in the comments section.
{{user}} {{datetime}}
{{text}}