No computer system is inviolable, even those thought to be the most secure. This is what we learn from the discovery of a new hacking campaign targeting Gmail accounts.
Double authentication is unfortunately not foolproof. A security measure that has become popular in recent years on Gmail (and which consists of adding a second validation, in addition to the password, when connecting to your Google account), the latter does not prevent the most determined hackers from steal access to certain accounts.
A malware attack
As reported by Forbes magazine, more and more testimonies on Reddit and on Google forums report people having lost access to their Google account despite the activation of two-factor authentication, precisely supposed to limit risks of piracy. An Internet user explains that his Google account was hacked and that “the hacker changed the password and multi-factor authentication settings» therefore no longer allowing access to your account to be regained. To make matters worse, the author of the post explains that his YouTube account has also been hijacked to promote malware.
But how do hackers manage to gain access to these accounts when two-factor authentication is precisely supposed to prevent this? Well with the help of a very specific malware, capable of stealing users’ cookies. Don’t panic, we’ll explain.
Theft of cookies and theft of Gmail
When you connect to your Google account protected by double authentication, before validating your connection, a small box asks you to “don’t ask me again about this device“. If checked, the next login attempt on the device will not require 2nd factor authentication. Instead, a so-called “session” cookie, stored on the memory of your phone/computer, will tell the site that this user has already proven their identity before.
It is precisely this cookie of a few kilobytes that hackers will seek out using phishing campaigns intended to spread malware. The latter will then transmit the files to third parties who will therefore be able to identify themselves using a stolen cookie without Google having anything to say about it. These techniques are not exactly new, but a wave of scams seem to be resurgent recently.
Cookie-stealing malware currently appears to be spreading through cryptocurrency scam campaigns and YouTube videos promising easy access to pirated games. For its part, Google indicates “continuously update its techniques to detect and block suspicious access using stolen cookies», notably with a new Chrome feature specially designed to counter the theft of cookies.
Until new security measures are implemented in the various web browsers you use, always pay close attention to the sites you visit and the software you download.
Download
8
- Free, unlimited email storage
- Advanced email filtering and easy searching
- Contact and calendar management integrated into the interface
Gmail is a free email service offered by Google. It allows people to send and receive emails online, and offers a range of features such as email searching, contact and calendar management, and interface customization.
Gmail is a free email service offered by Google. It allows people to send and receive emails online, and offers a range of features such as email searching, contact and calendar management, and interface customization.
Sources: Forbes
A journalist for almost 10 years, I have been in the tech and digital sector since my very first jobs. Tinkerer (a lot), librarian (a little), I have developed a specialization in the themes of ecology and digital technology as well as the protection of privacy. On weekends I torture Raspberry Pis with lots of 'sudo' commands to relax.
Read other articles
6