Вештачка интелигенција

New Title: Protecting Users from Google Zero-Day Vulnerability

Summary

Google recently disclosed the discovery of a serious security vulnerability, known as Google Zero-Day, which allows malicious users to log into user accounts even after the password has been changed. This vulnerability poses a significant threat, as the software designed […]

Google Zero-Day Ranjivost otkrivena – Zaštita korisnika od potencijalne krađe naloga

Google recently disclosed the discovery of a serious security vulnerability, known as Google Zero-Day, which allows malicious users to log into user accounts even after the password has been changed. This vulnerability poses a significant threat, as the software designed to steal user information is being utilized by multiple malicious groups, even after a password reset.

According to research by CloudSEK, this vulnerability primarily targets Windows computers. When a device is compromised, the software utilizes the same method employed by “information thieves” to steal the session token for login. This token is assigned to the user’s computer when logging into a Google account and is then transmitted to the cybercriminals’ server.

The software leverages stolen session tokens to log into already signed-in Google accounts on the computer. The necessary details are revealed using the key stolen from the UserData folder in the Windows system.

To protect users, Google has recommended several steps that users can take. When an account is compromised, users can revoke or invalidate the stolen session tokens by signing out from the browser on the infected device or by accessing the device page in their account settings and remotely signing out from those sessions. It is also recommended to scan the computer for malware and enable the “Enhanced Safe Browsing” option in Google Chrome to prevent malware downloads on users’ computers.

Google has emphasized that they regularly enhance their malware defense techniques and the compromised accounts they discovered are secured. However, it is crucial for users to take precautionary measures to protect themselves from potential account theft.

FAQ

Q: What vulnerability has been discovered in Google?
A: The discovered vulnerability is Google Zero-Day, which allows malicious users to log into user accounts even after the password has been changed.

Q: Which devices does this vulnerability target?
A: Currently, it is believed that this vulnerability targets Windows computers.

Q: How can malicious users log into accounts even after the password has been changed?
A: By utilizing stolen session tokens for login, malicious users can even regenerate the authentication cookie to log into the user account.

Q: What precautionary measures does Google recommend to protect users?
A: Users are advised to revoke or invalidate stolen session tokens by signing out from the infected device. It is also recommended to scan the computer for malware and enable the “Enhanced Safe Browsing” option in Google Chrome.