Malware families exploited Google’s unreported OAuth endpoint, MultiLogin, enabling them to steal session tokens and gain unauthorized access to users’ accounts. Google has fixed the issue and taken action to secure compromised accounts. There was a misconception that stolen tokens and cookies couldn’t be revoked, but Google clarified that signing out of the affected browser or remotely revoking sessions through the user’s devices page invalidates stolen sessions. Users should remove malware from their computers and enable Enhanced Safe Browsing in Chrome for protection against phishing and malware downloads.
Share via:
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Google fixes issue with Chrome ‘malware’ that allowed to break into users’ accounts
Malware families exploited Google’s unreported OAuth endpoint, MultiLogin, enabling them to steal session tokens and gain unauthorized access to users’ accounts. Google has fixed the issue and taken action to secure compromised accounts. There was a misconception that stolen tokens and cookies couldn’t be revoked, but Google clarified that signing out of the affected browser or remotely revoking sessions through the user’s devices page invalidates stolen sessions. Users should remove malware from their computers and enable Enhanced Safe Browsing in Chrome for protection against phishing and malware downloads.
Disclaimer
We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.
Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi