Expert Alert: Google Account Risk from Expired Cookie Exploit Uncovered
Cybersecurity circles are buzzing with news of a devious new exploit that resurrects expired Google session cookies to hijack your account. First spotted late last year, this exploit takes advantage of session cookies—those digital keys that keep you logged in on websites—which are supposed to expire after a set period to protect your privacy. The name on everyone’s lips is PRISMA, the hacker who blew the whistle on the ability to “revive” these cookies, potentially exposing personal data to cybercriminals.
BleepingComputer has recently shed light on malware that sneaks through Google’s defenses via a little-known backdoor in the MultiLogin endpoint. It’s a covert part of Google’s system, underdocumented and obscure, but it’s precisely where the trouble starts. Hackers exploit it to breathe new life into expired cookies, thus bypassing authentication safeguards and slipping into user accounts unnoticed.
Let’s get technical for a second about session cookies. They’re the behind-the-scenes workhorses that remember you on websites, sparing you from constant logins. Their short lifespan is a security feature, except when cybercriminals find a way to extend that life indefinitely.
The plot thickens with the involvement of info-stealing malware like Lumma and Rhadamanthys. Their operators claimed the power to regenerate Google’s expired authentication cookies, previously considered harmless once their time was up. With these cookies, hackers don’t care if you’ve logged out or changed passwords; they’ve got a backdoor pass to your Google life.
The genesis of this exploit goes back to a Telegram revelation by PRISMA, outlining a method to renew past-their-prime Google cookies. Fast forward, and CloudSEK’s cybersecurity researchers are dissecting the exploit, pinpointing the MultiLogin endpoint as the weak link.
For Google account users, it’s time to batten down the hatches. Google has recommended signing out from browsers to kill off session cookies as a quick fix. But for a belt-and-braces approach, activate Enhanced Safe Browsing in Chrome, switch up your passwords often (hello, password managers!), and outfit all your gadgets with top-tier antivirus software. Keep an eagle eye out for phishing emails and suspicious links—your digital security might just depend on it.