Google OAuth endpoint exploited by various malware

2 January 2024

BleepingComputer reports that expired authentication cookies are being revived for account access by numerous information-stealing malware strains by leveraging the newly discovered MultiLogin Google OAuth endpoint. MultiLogin, which was developed to facilitate the synchronization of accounts across various Google services, was exploited by infostealers to enable the collection of token and Chrome account IDs with GAIA ID and encrypted_token, according to a CloudSEK report.

Source: SC Magazine

Date:

2 January 2024

Categorie(s):

NEWS

Tag(s):

Google, IT, News, OAuth

Ex-Cybersecurity Consultant Jailed For Trading Confidential Data4 May 2024
Microsoft plans to lock down Windows DNS like never before. Here’s how.4 May 2024
Kaspersky hits back at claims its AI helped Russia develop military drone systems4 May 2024
Kaspersky hits back at claims it helped Russia develop military drone systems3 May 2024
Smoke and (screen) mirrors: A strange signed backdoor3 May 2024