Malware abusing API is standard token theft, not an API issue

Malware abusing API is standard token theft, not an API issue

Google is downplaying reports of malware abusing an undocumented Google Chrome API to generate new authentication cookies when previously stolen ones have expired.

In late November 2023, BleepingComputer reported on two information-stealing malware operations named Lumma and Rhadamanthys, claiming they could restore expired Google authentication cookies stolen in attacks.


These cookies could then be loaded into threat actors’ browsers to gain access to an infected user’s…


Source link

About search

Check Also

California bill advances that would make Google, Facebook pay news companies whose stories appear on their platforms – The Mercury News

You can't escape it now — Gemini is officially part of Gmail, Google Drive, Docs, Sheets, and Slides – TechRadar

[unable to retrieve full-text content]You can’t escape it now — Gemini is officially part of …

Leave a Reply

Your email address will not be published. Required fields are marked *