Tech
Google Accounts Are Breached By Hackers Who Bypass Passwords.
(CTN News) – Our Google accounts are protected by an impenetrable fortress if we use a strong password. Cybercrime is constantly evolving, making even such defenses vulnerable.
It was revealed in 2023 that hackers could bypass passwords altogether and gain “continuous access” to Google accounts, even after password changes.
Crumble the cookie
Security firm CloudSEK identified the vulnerability as affecting third-party cookies. These digital crumbs track your online activity across websites so you can be personalized.
Malicious actors exploited this system by injecting their own cookies, granting them access to your Google account even after you change your password.
The problem with password resets
Its persistence makes this exploit so serious. In contrast with traditional hacking methods that rely on passwords, hackers were able to maintain access even after you re-set your password.
All your data is at risk, from emails and documents to photos and contacts.
Despite its simplicity, blocking all cookies has significant drawbacks. You can stay logged into accounts and customize your online experience with cookies. Convenience and security must be balanced.
A Google action is taken
The good news is that Google continues to fight cybercrime vigilantly. Upon learning of the exploit, the company immediately updated its security defenses against such advanced malware.
“We routinely update our defenses against such techniques and ensure the security of users who are harmed by malware,” Google stated.
The essential precautions
So how can you protect yourself from such sophisticated attacks? Steps to follow are as follows:
-
Chrome’s Enhanced Safe Browsing feature protects you from phishing and malware downloads.
-
Be vigilant: Avoid clicking on anything that seems untrustworthy, including emails, links, and attachments.
-
The importance of strong and unique passwords cannot be overstated. Create uncrackable passwords with uppercase and lowercase letters, numbers, and special characters, and never reuse them.
-
You can add an extra layer of security by enabling two-factor authentication (2FA) by logging in with a code sent to your phone.
-
Make sure your devices are regularly scanned for malware: Use reputable antivirus software to detect and remove malicious software.
Passwords and more
Password-based security is insecure due to this exploit, marking a significant shift in cybersecurity. Adapting our defensive strategies to cybercriminals’ evolving tactics is essential.
To keep our Google accounts, and our digital lives, secure, we need a multilayered approach that includes strong passwords, 2FA, vigilance, and awareness of emerging threats.
SEE ALSO:
WhatsApp Will Allow Business Account Holders To Subscribe To Meta Verified