Hackers have found a way to access Google Account without password. In a research, it is seen that hackers can find a way to access the Google account without a password with the help of authentication cookies.
This new security vulnerability was independently reported and analyzed by security firm Cloud SEC. The incident first came to light in October 2023 after hackers posted about it on the Telegram channel.
The independent report found that Google accounts could be compromised due to vulnerabilities in third-party cookies used by websites and browsers that track users and improve efficiency. Google authentication cookies can save the user's login data and log in to the account without resetting it.
But hackers have found ways to bypass two-factor authentication and retrieve cookies. According to Cloud SEK's blog post, even if the user resets the passport, the hacker can still access Google services. Based on an independent report, Google is working to upgrade security and protect users from malware.
To avoid being victimized by this malware, Google has suggested signing out of the affected browser and suspicious devices. Apart from this, Google also said that users can delete malware from the device and turn on 'Enhanced Safe Mode' in Chrome.