Databreaches
5 months agoPrivacy technologies
Compromising Google Accounts: Malwares Exploiting Undocumented OAuth2 Functionality for session hijacking
The PRISMA exploit allows for the generation of persistent Google cookies, providing continuous access to Google services even after a password reset.
CloudSEK's threat research team discovered the exploit's root at an undocumented Google OAuth endpoint called 'MultiLogin'. [ more ]