ijeff@lemdro.idM to Android@lemdro.idEnglish · 11 months agoMalware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accountswww.bleepingcomputer.comexternal-linkmessage-square4fedilinkarrow-up1100arrow-down12
arrow-up198arrow-down1external-linkMalware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accountswww.bleepingcomputer.comijeff@lemdro.idM to Android@lemdro.idEnglish · 11 months agomessage-square4fedilink
minus-squareepyon22linkfedilinkEnglisharrow-up4·11 months agoIt’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else
It’s based on security hole in what I’m interpreting as a web API. You leverage a legitimatly logged in Google account on a malicious website and this web endpoint gives you keys to everything else