Google accounts can be accessed without passwords! Hackers can acquire control via cookies, know how

tech.hindustantimes.com:

Google accounts are considered safe if the password is strong enough. Well, that is old news, at least that is what this new report is saying. According to CloudSek, hackers have found a way to access Google accounts without passwords! So, is your Google account safe from hackers? The report says that hackers have used a form of malware that utilises third-party cookies to illegally enter users' Google accounts and they have free run on whatever data that it has. In effect, the potential to compromise private and professional lives of millions of users is very much there.

What is even more surprising is the fact that it was not revealed by any security agency or corporation, rather, it was outed by a hacker when he posted about it on a Telegram channel boasting about the exploit in October 2023. The Telegram post even indicated the method used - cookies.

According to Google, these are small pieces of text sent to users' web browser by any website they visit. Cookies help that website remember information about their visit, which can both make it easier to visit the site again and make the site more useful to the users.

We are now on WhatsApp. Click to join.

The job of cookies is to make users' life easier, as explained above, but in this instance, they were used for hacking purposes. In fact, hackers devised a method to hijack these cookies and circumvent the security features present, including 2-factor authentication.

The Tech giant is reportedly working on a solution to ensure that the breach is sealed permanently and the Google Chrome browser security is up and running.

“We routinely upgrade our defences against such techniques and to secure users who fall victim to malware. In this instance, Google has taken action to