A serious cookie-related vulnerability, which first involves Chrome file extraction by malware, appears to allow access to your Google account even if you change your password. So let's take a look at this threat that is accessing your Google account.
The threat accesses your Google account even if you change your password
Many information-stealing malware families abuse a system to restore expired cookies and log in to user accounts, even if the password has been reset.
Session cookies are a special type of cookie that contains authentication information, allowing a person to automatically log in to websites and services without entering their credentials. These types of cookies are intended to have a limited lifetime. This means that criminals cannot use them indefinitely to log into accounts if they are stolen.
Either way, they allow criminals to gain unauthorized access to Google accounts. This happens after the legitimate owners log out, reset their passwords, or expire their session.
Even more disturbing is the way in which this “restoration” process can be carried out multiple times. All this without the victim realizing the attack on his account. What's worse is the fact that even after you reset your Google account password, this exploit can be used again by the bad actor to access your account.
Several malware groups, six by BleepingComputer's count, have access to this vulnerability and are selling it. This exploit first received special attention in mid-November. Some of these groups claim to have already updated this vulnerability to combat the countermeasures implemented by Google.
In fact, it is a threat that needs to be taken seriously and currently there is no significant form of protection. Therefore, it is up to Google to resolve this situation quickly.
“Coffee trailblazer. Social media ninja. Unapologetic web guru. Friendly music fan. Alcohol fanatic.”