• btc = $99 954.00 -1 084.02 (-1.07 %)

  • eth = $3 915.43 -24.31 (-0.62 %)

  • ton = $6.37 -0.10 (-1.61 %)

  • btc = $99 954.00 -1 084.02 (-1.07 %)

  • eth = $3 915.43 -24.31 (-0.62 %)

  • ton = $6.37 -0.10 (-1.61 %)

30 Dec, 2023
1 min time to read

A recent discovery by cybersecurity researchers reveals a new and concerning vulnerability that exploits Chrome's local database to access Google Accounts.

The attack involves malware exfiltrating files from Chrome to extract and decrypt login tokens stored within the browser's local database. Once obtained, these tokens are used to create stable and persistent Google cookies, allowing unauthorized access to Google Accounts.

Even after users change their passwords, the malware-infected cookies persist. An attacker using the recovered cookies can re-access the compromised account without being detected. The exploit has raised questions about the effectiveness of two-factor authentication against this type of threat.

Reports suggest that multiple malware groups, at least six by some counts, have access to and are actively selling this vulnerability. This exploit was first advertised in mid-November. Notably, some of these parties say they have already updated this vulnerability to combat the countermeasures Google has implemented.

Due to the developing situation, users are advised to exercise caution and refrain from installing unfamiliar software to reduce the risk of malware infection.