Lumma malware can allegedly restore expired Google auth cookies

Trending 2 weeks ago
  1. Home
  2. Technology
  3. Lumma malware can allegedly restore expired Google auth cookies

Data theft

The Lumma information-stealer malware (aka 'LummaC2') is announcement a new affection that allegedly allows cybercriminals to restore asleep Google cookies, which can be acclimated to annex Google accounts.

Session accolade are specific web accolade acclimated to acquiesce a browsing affair to log in to a website's casework automatically. As these accolade acquiesce anyone possessing them to log in to the owner's account, they frequently accept a bound lifespan for aegis affidavit to anticipate abusage if stolen.

Restoring these accolade would acquiesce Lumma operators to accretion crooked acceptance to any Google anniversary alike afterwards the accepted buyer has logged out of their anniversary or their affair has expired.

Hudson Rock's Alon Gal first spotted a appointment column by the info-stealer's developers highlighting an amend appear on November 14, claiming the "ability to restore asleep accolade application a key from restore files (applies alone to Google cookies)."

Lumma announcement new, able featureLumma announcement new, able feature
Source: BleepingComputer

This new affection was alone fabricated accessible to subscribers of the highest-tier "Corporate" plan, which costs cybercriminals $1,000/month.

The appointment column additionally clarifies that anniversary key can be acclimated alert so that cookie apology can assignment alone one time. That would still be abundant to barrage adverse attacks on organizations that contrarily chase acceptable aegis practices.

This new affection allegedly alien in contempo Lumma releases is yet to be absolute by aegis advisers or Google, so whether or not it works as advertised charcoal uncertain.

However, it is account advertence that addition stealer, Rhadamanthys, appear a agnate adequacy in a contempo update, accretion the likelihood that malware authors apparent an accommodating aegis gap.

Rhadamanthys Stealer additionally claiming to action Google cookie restorationRhadamanthys Stealer additionally claiming to action Google cookie restoration
Source: @g0njxa

BleepingComputer has contacted Google assorted times requesting a animadversion on the achievability of malware authors accepting apparent a vulnerability in affair cookies, but we accept yet to accept a response.

A few canicule afterwards contacting Google, Lumma's developers appear an amend that claims to be an added fix to bypass anew alien restrictions imposed by Google to anticipate cookie restoration.

Update to abode restrictionsLumma amend to abode restrictions
Source: BleepingComputer

BleepingComputer has additionally attempted to apprentice added about how the affection works and what weakness it exploits anon from Lumma. However, a "support agent" of the malware operation beneath to allotment annihilation about it.

When asked about the agnate affection Rhadamantis added recently, Lumma's abettor told us their competitors had abominably affected the affection from their stealer.

If information-stealers can absolutely restore asleep Google accolade as promoted, there's annihilation that users can do to assure their accounts until Google pushes out a fix besides preventing the malware infection that leads to the annexation of those cookies.

Precautions accommodate alienated downloads of torrent files and executables from arguable websites and absence answer after-effects in Google Search.

Related Article

Russian pleads guilty to running crypto-exchange used by ransomware gangs

Russian pleads guilty to running crypto-exchange used by ransomware gangs

1 hour ago
UK and allies expose Russian FSB hacking group, sanction members

UK and allies expose Russian FSB hacking group, sanction members

2 hours ago
Meta rolls out default end-to-end encryption on Messenger, Facebook

Meta rolls out default end-to-end encryption on Messenger, Facebook

4 hours ago
Krasue RAT malware hides on Linux servers using embedded rootkits

Krasue RAT malware hides on Linux servers using embedded rootkits

13 hours ago
New SLAM attack steals sensitive data from AMD, future Intel CPUs

New SLAM attack steals sensitive data from AMD, future Intel CPUs

18 hours ago
US senator: Govts spy on Apple, Google users via mobile notifications

US senator: Govts spy on Apple, Google users via mobile notifications

23 hours ago

Trending

1. Hanukkah
2. Hanukkah 2023
3. LEGO Fortnite
4. Craig Kimbrel
5. Pearl Harbor Day
6. Game Awards 2023
7. Timberwolves
8. Vivek Ramaswamy
9. Post-traumatic amnesia
10. Man City

Popular Article

Google might finally have an answer to Chat GPT-4

Google might finally have an answer to Chat GPT-4

23 hours ago
US senator: Govts spy on Apple, Google users via mobile notifications

US senator: Govts spy on Apple, Google users via mobile notifications

23 hours ago
Google launches Gemini AI systems, claims it's beating OpenAI and others - mostly

Google launches Gemini AI systems, claims it's beating OpenAI and others - mostly

23 hours ago
Where to find the secret cave in Fortnite

Where to find the secret cave in Fortnite

22 hours ago
AMD’s Ryzen 8040 feels like a rug pull

AMD’s Ryzen 8040 feels like a rug pull

22 hours ago
Where to watch It’s a Wonderful Life

Where to watch It’s a Wonderful Life

18 hours ago
English (US) English (US) · Indonesian (ID) Indonesian (ID) ·
About Us · Contact Us · Terms & Conditions · Disclaimer ·

©2023 PAK MEDIA BLOG.
All Rights Reserved.