Severe cookie bug can be used to hijack your Google account

Smartphone vendors are continuously striving to ensure user data security and privacy. While everything is going online, risks of data and privacy theft are a big concern. Google Account, which is necessary on Android phones, can be hijacked with cookie-related malware on desktop.

According to BleepingComputer, a severe cookie-related vulnerability that first involves malware exfiltrating files from Chrome looks to allow access to your Google Account even after passwords are changed.

Follow our socials → Google News | Telegram | X/Twitter | Facebook | WhatsApp

This vulnerability needs malware to be installed on a desktop to “extract and decrypt login tokens stored within Google Chrome’s local database.” Also, it’s not clear whether the two-factor authentication feature provides any protection.

Even after a Google Account password reset, this malware can be used one more time to get access to your account. Notably, multiple malware groups have access to this vulnerability and are selling it.

// BleepingComputer