Accounts left vulnerable to permanent compromise due to Google OAuth bug

29 Apr

Accounts left vulnerable to permanent compromise due to Google OAuth bug

Google’s Cloud Platform was found to have a vulnerability that could allow attackers to plant applications in a victim’s account, potentially compromising it permanently and without detection.

The flaw, known as GhostToken, was discovered by Israeli security firm Astrix, which alerted Google to the zero-day vulnerability in July 2022. An attacker who successfully compromised a victim’s account could read their Gmail, access their files and photos, view their calendar and track their location in Google Maps, depending on the permissions granted to the app.

The attack would begin with a compromised file in Google Marketplace, with the app receiving a token that gives it access to the installer’s account with user-authorised permissions.

GhostToken would then allow the attacker to hide the app from the user, making it impossible to remove from the account. Google acknowledged the flaw in August 2022 and issued a global update on April 7 to fix it.

Tags:

Google,Security,Vulnerability,Zero-Day Vulnerability

Accounts left vulnerable to permanent compromise due to Google OAuth bug

Accounts left vulnerable to permanent compromise due to Google OAuth bug

Tags:

Cloud Backup Feature for TOTP Codes Now Available on Google Authenticator App

Accounts left vulnerable to permanent compromise due to Google OAuth bug

How Fancy Bear Infected Routers Using an Old SNMP Bug

AI-generated YouTube videos used to distribute difficult-to-detect malware loader

Navigation

Connect with us on social