Вештачка интелигенција

A New Era of Cybersecurity: Persistent Google Cookies Exploited by Hackers

Summary

Researchers from the cybersecurity firm CloudSEK have uncovered a remarkable vulnerability that allows hackers to generate persistent Google cookies by manipulating OAuth2 tokens. This vulnerability grants hackers continuous access to Google services, even if the user resets their password. Instead […]

A New Era of Cybersecurity: Persistent Google Cookies Exploited by Hackers

Researchers from the cybersecurity firm CloudSEK have uncovered a remarkable vulnerability that allows hackers to generate persistent Google cookies by manipulating OAuth2 tokens. This vulnerability grants hackers continuous access to Google services, even if the user resets their password.

Instead of relying on standard methods, a hacker known as PRISMA has developed a powerful zero-day exploit that enables the generation of persistent Google cookies. This is achieved through the manipulation of the OAuth2 token, an authentication mechanism used in Google services.

What is alarming is that this vulnerability remains effective even after users reset their passwords. This means that hackers can discreetly access user accounts and data in the long run.

The CloudSEK team concludes that this technique demonstrates a high degree of sophistication and understanding of Google’s internal authentication mechanisms. It is also revealed that the hacker PRISMA was open to collaboration, which helped researchers gain a detailed understanding of the issue and carry out technical analysis.

By reverse-engineering the exploit’s executable file provided by PRISMA, a specific exploitation point named “MultiLogin” was identified. This point represents an undocumented endpoint in the Google OAuth system.

These findings open the door to new possibilities for cyberattacks on Google accounts and put user data at risk. It is now up to Google to take urgent measures to address this vulnerability and protect its users.

Frequently Asked Questions (FAQ):

1. How do hackers generate persistent Google cookies?
Answer: Hackers manipulate OAuth2 tokens to generate persistent Google cookies.

2. Can access to a Google account be maintained even after resetting the password?
Answer: Yes, this vulnerability allows for continuous access to a Google account even after the user resets their password.

3. How was this vulnerability discovered?
Answer: The CloudSEK team utilized reverse engineering to identify the exploitation point named “MultiLogin”.

4. How can Google resolve this vulnerability?
Answer: Google will need to take urgent measures to address this vulnerability and protect its users.