https://www.googleforeducommunity.com/t5/Peer-Peer-Topics/Exploit-New-token-hack/m-p/2099#M1654 <P>Just an awareness piece</P><P><A href="https://cybernews.com/news/google-accounts-vulnerable-to-new-token-hack/" target="_blank" rel="noopener">https://cybernews.com/news/google-accounts-vulnerable-to-new-token-hack/</A></P><P><A href="https://www.bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accounts/#google_vignette" target="_blank" rel="noopener">https://www.bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accounts/#google_vignette</A></P> Sun, 31 Dec 2023 21:46:11 GMT Rick2025 2023-12-31T21:46:11Z https://www.googleforeducommunity.com/t5/Peer-Peer-Topics/Exploit-New-token-hack/m-p/2099#M1654 <P>Just an awareness piece</P><P><A href="https://cybernews.com/news/google-accounts-vulnerable-to-new-token-hack/" target="_blank" rel="noopener">https://cybernews.com/news/google-accounts-vulnerable-to-new-token-hack/</A></P><P><A href="https://www.bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accounts/#google_vignette" target="_blank" rel="noopener">https://www.bleepingcomputer.com/news/security/malware-abuses-google-oauth-endpoint-to-revive-cookies-hijack-accounts/#google_vignette</A></P> Sun, 31 Dec 2023 21:46:11 GMT https://www.googleforeducommunity.com/t5/Peer-Peer-Topics/Exploit-New-token-hack/m-p/2099#M1654 Rick2025 2023-12-31T21:46:11Z https://www.googleforeducommunity.com/t5/Peer-Peer-Topics/Exploit-New-token-hack/m-p/2101#M1655 <P>Thanks, Rick.</P><P>Like most malware, it relies on first having access to to the user's computer, so having a proper endpoint security system, or a Chromebook (without rogue extensions!), is still as important as ever.</P><P>And it's a bit annoying that neither article clearly explains how to break the "hack" if affected.</P><P>One of the comments on the Bleeping article does, and is fairly easy to understand.</P><P>"<SPAN>Interim Remediation Steps:</SPAN><BR /><BR /><SPAN>While we await a comprehensive solution from Google, users can take immediate action to safeguard against this exploit. If you suspect your account may have been compromised, or as a general precaution, sign out of all browser profiles to invalidate the current session tokens. Following this, reset your password and sign back in to generate new tokens. This is especially crucial for users whose tokens and GAIA IDs might have been exfiltrated. Resetting your password effectively disrupts unauthorized access by invalidating the old tokens which the infostealers rely on, thus providing a crucial barrier to the continuation of their exploit."</SPAN></P> Mon, 01 Jan 2024 04:42:38 GMT https://www.googleforeducommunity.com/t5/Peer-Peer-Topics/Exploit-New-token-hack/m-p/2101#M1655 Kim_Nilsson 2024-01-01T04:42:38Z