Hackers find ways into Google accounts
According to researchers at Cloudsek.com, hackers are abusing an undocumented Google OAuth endpoint called “MultiLogin.” The experts are currently observing that other groups of cyber attackers are copying the technology and using it in their infostealers. Is a bigger wave coming now? Several information-stealing malware families exploit an undocumented Google OAuth endpoint called “MultiLogin” to recover expired authentication cookies and log in to user accounts. Even for accounts where the account password has been reset. Infostealer groups want to exploit the vulnerability The experts at Cloudsek.com report: The Lumma Infostealer, which contains the discovered exploit, was implemented on November 14th...