An analysis by security company CloudSEK has found that a dangerous type of malware can use third-party cookies to gain illegal access to people's private data, and hacking groups have already tested it. Have done.

The flaw was first disclosed by a hacker on the messaging platform Telegram in October 2023.

The post explained how accounts could be accessed by exploiting vulnerabilities associated with cookies (which websites and browsers use to track users in order to improve their performance).

Google authentication cookies allow users to access their account without repeatedly entering their login details. However, hackers have found a way to get these cookies to bypass the two-factor authentication step.

In a statement, Google said the company routinely upgrades its defenses against such techniques to protect users from becoming targets of malware. Google has taken steps to protect any suspicious accounts it has flagged