This malware is capable of hijacking Chrome cookies to enter your Google account
Cybercriminals do not stop looking for any security flaw or hole to get hold of your personal data, and if they can, also empty your bank account.
And a serious vulnerability related to cookies has been discovered for users who use the browser Google Chrome or similar, and which first involves the malware extracting the browser files to access your Google accounts.
This vulnerability requires the installation of a malware specific on the computer to extract and decrypt login tokens stored in the local Google Chrome database.
What is obtained is then used to send a request to a Google API that the browser uses to sync different accounts and create cookies, authentication data that criminals could use to access your account.
This restoration process could be carried out by malware, even several times, without the user realizing that their computer has been compromised.
Even if the user resets the password for a Google account, these criminals could end up using this exploit over and over again to gain access to the user’s account.
According to what is said, certain important malware groups already have access to this vulnerability.
This is an exploit that was first discovered in mid-November, and it is likely that Google and other actors are already working to try to alleviate this vulnerability that could be distributed through the downloading of illegal material on the network.
In this way, to prevent your computer from being compromised and you being left without your Google accounts, never download pirated programs from the Internet or applications from fraudulent sites.