- Oct 3, 2022
- 557
Security researchers say info-stealing malware can still access victims' compromised Google accounts even after passwords have been changed.
A zero-day exploit of Google account security was first teased by a cybercriminal known as "PRISMA" in October 2023, boasting that the technique could be used to log back into a victim's account even after the password is changed. It can also be used to generate new session tokens to regain access to victims' emails, cloud storage, and more as necessary. Since then, developers of info-stealer malware – primarily targeting Windows, it seems – have steadily implemented the exploit in their code. The total number of known malware families that abuse the vulnerability stands at six, including Lumma and Rhadamanthys, while Eternity Stealer is also working on an update to release in the near future.
Google password resets not enough to stop this malware
Now every miscreant is jumping on Big G's OAuth account security hole
www.theregister.com
Last edited by a moderator: