Did you know? PRISMA's Cat and Mouse Game: Cracking Google's MultiLogin Mystery
CloudSEK, a cyber security firm, found a sneaky way hackers can mess
with Google accounts, and it's a bit of a head-scratcher. This method
lets them stay logged in, even after changing the password. Sounds wild,
right?
For starters, Google uses a system called OAuth2 for
keeping things secure. It's like a fancy bouncer at a club, making sure
only the right people get in. But these hackers, led by someone calling
themselves PRISMA, figured out a trick to keep the party going.
They found a secret spot in Google's system, a hidden door called
"MultiLogin." It's a tool Google uses to sync accounts across different
services. The hacker PRISMA exploited this door, creating malware
called Lumma Infostealer to do the dirty work.
Now, the clever part is, even if you change your passwords, these
hackers can keep sipping on their virtual cocktails. The malware they
created knows how to regenerate these secret codes, called cookies, that
Google uses to verify who you are.
CloudSEK's researchers say this is a serious threat. The hackers aren't just
sneaking in once—they're setting up camp. Even if you kick them out by
changing your password, they still have a way back in. It's like
changing the locks on your front door, but they somehow still have a
secret master key.
Researchers tried reaching out to Google to
spill the beans, but so far, it's been crickets. No word from the tech
giant on how they plan to deal with this sneaky hack.
So, here we are, in a world where even resetting your password might not be enough
to kick out the virtual party crashers. Stay tuned to see how Google
responds to this unexpected security hiccup.