“Cyber Guy”: Big Brother in the Big Apple
New York City drivers face a $15 daily congestion fee when they enter a paid congestion zone south of 60th Street monitored by license plate readers. Kurt “CyberGuy” Knutsson explains the details.
A new exploit threat allows hackers to gain access to Google accounts using expired cookies containing login information. The exploit, discovered late last year, targets session cookies that have a limited lifetime. However, it is possible to “revive” those cookies and put your personal information at risk.
A hacker named PRISMA was the first to reveal that he had discovered a way to undo expired Google session cookies. Since then, the cybersecurity firm has Cloud SEK We’ve discovered an exploit for a program that allows users to sync their Google accounts across multiple devices. Hackers are currently using the exploit to steal login information and other information. Here we detail how it all unfolded and how you can protect yourself.
Google Chrome startup page (Kurt “Cyber Guy” Knutson)
Google’s multi-login abuse
According to reports peepee computer, a particular malware strain discovered a backdoor into Google’s authentication system. This vulnerability exists in the MultiLogin endpoint, but is undocumented and little known to the public. This secret gateway allows an attacker to revive expired authentication cookies and allow unauthorized access to the user’s girlfriend Google account.
Google Chrome startup page (Kurt “Cyber Guy” Knutson)
More information: Beware of this MCAFEE Google Chrome ad scam
Role of session cookies
Before we go into more detail, let’s understand the role of session cookies. These special browser cookies contain authentication information. If you’ve ever experienced the convenience of being able to return to a site without having to re-enter your credentials, you’ve probably encountered session cookies. However, it is designed to intentionally limit its lifetime to prevent unauthorized access over long periods of time.
Read more: How Google’s data can make you a suspect in a crime you didn’t commit
The relationship between Rumma and Rhadamanthys
Last November, cybercriminals associated with information-stealing malware Lumma and Rhadamanthys made bold claims that they could revive expired Google authentication cookies stolen during cyberattacks. Hackers can use these seemingly disabled cookies to access the victim’s Google account even if the user is logged out, reset their password, or their session has expired. invade.
Prisma’s Revelation
The exploit dates back to a Telegram post by an attacker known as PRISMA. In October they announced the discovery of a way to restore expired Google authentication cookies. This revelation set the stage for further investigation.
CloudSEK investigation
input Cloud SEK, a cybersecurity company that works to predict and prevent cyberattacks. These researchers took on the challenge of reverse engineering the exploit. Their findings revealed that MultiLogin endpoints have become a lynchpin for hackers. This undocumented feature makes it easy to synchronize accounts across different Google services, making it an ideal target for malicious actors to exploit.
Google Chrome startup page (Kurt “Cyber Guy” Knutson)
Read more: Google finally admits data collection in Chrome’s incognito mode
Protection from multi-login exploits
MultiLogin abuse raises serious concerns for Google account holders. To protect yourself from this threat, consider the following steps:
1) Sign out of the affected browser. Google is aware of this issue and is taking steps to protect compromised accounts. Google recommends disabling session cookies by signing out of affected browsers.
2) Enhanced Safe Browsing: Enable Chrome’s Enhanced Safe Browsing for added security. malware and Phishing attack.
On the computer:
- Open google chrome on your computer
- click initial in the top right corner of your browser window.
- Tap Manage your Google Account
- click safety on the left
- under Safe Browsing for your account has been improved – Make sure it is spinning upon
On your smartphone:
- Open google chrome on your computer
- click initial in the top right corner of your browser window.
- Tap Google account
- click safety
- Scroll down to the bottom Safe Browsing for your account has been improved – Make sure it is spinning upon
3) Change your password regularly. Change your Google password regularly to protect your account from hackers. If you have trouble creating a new password, password manager.
4) Install appropriate antivirus software on all devices. The best way to protect yourself from data breaches is to install antivirus protection on all your devices.Choose the option that suits you best computer, Mac, iPhone or android smartphone. Having good antivirus software actively running on your device will warn you about malware in your system, warn you against clicking malicious links in phishing emails, and ultimately protect you from hacking. Get my picks for the best antivirus protection products of 2024 for Windows, Mac, Android, and iOS devices.
Cart important points
In light of recent exploits targeting Google accounts via revived session cookies, it is essential to strengthen your defenses against such cyber threats. From initial discovery by PRISMA to subsequent investigation by CloudSEK, vulnerabilities in Google’s MultiLogin endpoint were revealed.
To protect your account, sign out of affected browsers, enable Enhanced Safe Browsing, update your passwords regularly, and install appropriate antivirus software on all your devices. By implementing these security measures, you can thwart attempts to violate your online privacy and protect your digital identity.
How important do you think it is for a technology company like Google to continually update and strengthen its security protocols to protect users from evolving cyber threats? Email us. Cyberguy.com/Contact.
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report newsletter using the link below. Cyberguy.com/Newsletter.
Ask your cart a question or let us know your story you’d like us to feature.
Answers to CyberGuy frequently asked questions:
Copyright 2024 CyberGuy.com. All rights reserved.
