If you have a Google account, you should now be extremely careful. Criminals want to steal your account with a new scam. Even a password change doesn’t stop them.
- Criminals are using a new scam to take over Google accounts.
- Even after a password change, the criminals retain access to the account.
- Google has not yet commented on the security vulnerability.
If you regularly use the Internet, you have most likely come into contact with viruses or other malware. Cyber criminals are always coming up with new scams, but one of the latest is particularly insidious, especially because changing their password does not help victims.
The target of the attack is Google accounts. In short, criminals are exploiting a vulnerability in the service’s OAuth implementation. This is primarily used to synchronize your Google account between multiple devices such as smartphones and PCs. In doing so, the criminals restore expired account authentication cookies in order to gain access to the account.
Change Google password? Unfortunately that doesn’t help
What’s particularly nasty is that the actual password doesn’t play any role in this type of authentication. Therefore, those affected cannot regain control of their account by changing their Google password. Even then, the criminals still retain unrestricted access, as the technology website BleepingComputer reports.
As early as mid-November 2023, the website reported cases in which developers claimed that such expired Google account authentication cookies can be restored. There have been indications of this exploit for a long time. BleepingComputer made several requests to Google to comment on the issue and a possible solution, to no avail.
Countermeasures and prevention
There are currently no known countermeasures that can help victims of the new scam. Those affected should still change all other passwords and access data for other services that are related to the hijacked Google account as quickly as possible. This may prevent thefts from other accounts or at least make them more difficult.
If you are not affected but want to protect yourself preventively, you should stick to the usual protective measures against malware and viruses. Avoid suspicious downloads, do not visit unknown or dubious websites and use two-factor authentication and active virus protection wherever possible.
Since the number of affected cases is increasing rapidly, we assume that Google will not be able to avoid commenting on the problem for much longer. At best, the company is already working on closing the security gap. However, we do not yet have any official information about this.