Malware groups claimed they can access expired Google OAuth cookies, gaining access to accounts even when the user logs out or changes their password, BleepingComputer reports. Using a Google "MultiLogin" endpoint, hackers claim it can restore expired authentication codes, gaining repeated access to accounts.
Malware groups claim they can steal Google OAuth account data
Related stories
The role of privacy in the UN's framework for responsible state behavior in cyberspace
Notes from the IAPP Canada: Kerr's voice echoes as privacy, AI ethics more urgent than ever
A view from DC: FTC tackles trans-Atlantic threats to American liberty
Notes from the Asia-Pacific region: Check-up reveals new prescriptions for compliance
A view from Brussels: The implementation challenges of the EU Data Act
