Malware groups claimed they can access expired Google OAuth cookies, gaining access to accounts even when the user logs out or changes their password, BleepingComputer reports. Using a Google "MultiLogin" endpoint, hackers claim it can restore expired authentication codes, gaining repeated access to accounts.
Malware groups claim they can steal Google OAuth account data
Related stories
Notes from the IAPP Canada: Keeping watch on federal, provincial developments
Italy updates National Cybersecurity and Data Protection Framework
Vietnam's data protection laws: The basics and beyond
Notes from the Asia-Pacific region: NZ OPC calls for 'doing privacy well'
GDPR matchup: Australia's Privacy Act 1988
