Security News > 2023 > November > Lumma malware can allegedly restore expired Google auth cookies

Lumma malware can allegedly restore expired Google auth cookies
2023-11-21 19:29

The Lumma information-stealer malware is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.

Restoring these cookies would allow Lumma operators to gain unauthorized access to any Google account even after the legitimate owner has logged out of their account or their session has expired.

Hudson Rock's Alon Gal first spotted a forum post by the info-stealer's developers highlighting an update released on November 14, claiming the "Ability to restore dead cookies using a key from restore files."

BleepingComputer has contacted Google multiple times requesting a comment on the possibility of malware authors having discovered a vulnerability in session cookies, but we have yet to receive a response.

If information-stealers can indeed restore expired Google cookies as promoted, there's nothing that users can do to protect their accounts until Google pushes out a fix besides preventing the malware infection that leads to the theft of those cookies.

Huawei, Vivo phones tag Google app as TrojanSMS-PA malware.


News URL

https://www.bleepingcomputer.com/news/security/lumma-malware-can-allegedly-restore-expired-google-auth-cookies/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Google 102 253 4225 4525 728 9731