cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts

Hi All

 

HNY

 

Multiple information-stealing malware families are abusing an undocumented Google OAuth endpoint named "Multi-login" to restore expired authentication cookies and log into users' accounts, even if an account's password was reset.

 

Session cookies are a special type of browser cookie that contains authentication information, allowing a person to automatically log in to websites and services without entering their credentials.

 

https://www.bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookie...

 

Regards

 

Caute_Cautim

0 Replies