Google fixes issue with Chrome 'malware' that allowed attackers to break into users' accounts
- Nishadil
- January 03, 2024
Malware families exploited Google's unreported OAuth endpoint, MultiLogin, enabling them to steal session tokens and gain unauthorized access to users' accounts. Google has fixed the issue and taken action to secure compromised accounts. There was a misconception that stolen tokens and cookies couldn't be revoked, but Google clarified that signing out of the affected browser or remotely revoking sessions through the user's devices page invalidates stolen sessions.
Users should remove malware from their computers and enable Enhanced Safe Browsing in Chrome for protection against phishing and malware downloads.
Recent reports said that several information-stealing malware families were exploiting an unreported Google OAuth endpoint called "MultiLogin." According to a report by Bleeping Computer, the endpoint enabled malware to renew expired authentication cookies and gain unauthorised access to users' accounts, even in cases where the account password has been reset.
Now, according to a report by 9to5Google, Google has fixed the issue. “Google is aware of recent reports of a malware family stealing session tokens. Attacks involving malware that steal cookies and tokens are not new; we routinely upgrade our defenses against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to secure any compromised accounts detected,” said Google as per the report.
Furthermore, Google has clarified that there was a misconception regarding stolen cookies. “It’s important to note a misconception in reports that suggests stolen tokens and cookies cannot be revoked by the user. This is incorrect, as stolen sessions can be invalidated by simply signing out of the affected browser, or remotely revoked via the user’s devices page,” said Google. The company also said that it will continue to monitor the situation and provide updates as needed.
The report by Bleeping Computer had noted that even after a user resets their Google Account password, malicious actors can exploit this vulnerability once again to gain unauthorised access to the compromised account.
Google has said that this was a misconception and that if a user signs out of an affected browser, such as Chrome or any other, then the stolen sessions are automatically invalidated. Google also said that users should continually take steps to remove any malware from their computer, “and we recommend turning on Enhanced Safe Browsing in Chrome to protect against phishing and malware downloads.”