Security researchers announced that they discovered a vulnerability that allows file exfiltration from Google Chrome. Malicious users can exploit the Chrome vulnerability to access the Google account of anyone they want by downloading cookies. Here are the details…
Hackers can access your Google account thanks to Chrome vulnerability
According to the post shared by BleepingComputer and CloudSEK, “Hackers can capture your login information stored in Google Chrome’s local database with the virus you install on your computer.” He stated:
It can be used to send requests to a Google API, normally used by Chrome to sync accounts across different Google services, and to create “persistent Google cookies” responsible for authentication that can be used to access your account. It is not yet known whether two-factor authentication provides any protection in this case.
Essentially, adding the key from the restore files allows the cookies to be re-authorized and remains valid even after the password change. Analysts state that even after the Google Account password is reset, this exploit can be used once again by the malicious actor to gain access to your account.
According to BleepingComputer’s report, more than six hacker groups have access to this vulnerability. We should point out that no patch has been released on this issue by Google.
What do you think about this vulnerability? Don’t forget to share your ideas with us in the comments section.