MultiLogin is a Chromium feature that can be abused to compromise a user’s Google account. The “bug” was unveiled by a malware developer known as PRISMA in October 2023. The cyber-criminal shared details about a critical exploit designed to generate persistent cookies for “continuous” access to Google services, even after a user’s password reset.
Oof. Another good reason to use Firefox I guess?
Recent infostealer malware can infect a user’s PC, scan the machine for Chromium session cookies, then exfiltrate and send the data to remote servers controlled by cyber-criminals.
Just to add a little more weight to your point.
Oof… That not good. But I think they’ll just have to invalidate all the tokens, right? That should be pretty easy, right?
everyone has been logged out
Gonna need to hire another 500,000 support agents.
I mean, that’s about 500,000 more than they currently employ. It’ll be good for the economy.
