Accessing Google accounts without a password has become possible through the exploitation of malware, according to cybersecurity researchers at CloudSEK. This method, which was initially disclosed in October 2023 on a Telegram Channel and gained traction after being promoted on Reddit, bypasses the need for traditional authentication. The vulnerability lies in the exploitation of third-party cookies, which are increasingly being used by hackers. These cookies, designed to monitor user activity, can store critical information such as passwords, making them attractive to hackers. This poses a significant cybersecurity threat, especially in bypassing Two-Factor Authentication (2FA). Google is actively working to secure compromised accounts and ensure the highest level of security for its users.
While Firefox users have relatively little cause for concern, as the browser is recognized for providing a safe browsing experience, Chrome users can enhance their security by activating the ‘Enhanced Safe Browsing’ mode within their settings. Microsoft Edge users, on the other hand, may need to take a different approach to security.
In conclusion, the exploitation of malware to gain unauthorized access to Google accounts without a password is a concerning cybersecurity trend. Hackers are exploiting third-party cookies, which can store critical information like passwords, making them an attractive target. This vulnerability poses a significant threat, particularly in bypassing Two-Factor Authentication. Google is actively working to secure compromised accounts and ensure user safety. Users can enhance their browsing security by activating certain features in browsers like Chrome and Edge. It is crucial for individuals to stay vigilant and take necessary steps to protect their online accounts.