Malware Abuses Google OAuth Endpoint to ‘Revive’ Cookies, Hijack Accounts
Malware Abuses Google OAuth Endpoint to ‘Revive’ Cookies, Hijack Accounts
02 January 2024
Multiple information-stealing malware families are exploiting an undocumented Google OAuth endpoint called "MultiLogin" to restore expired authentication cookies and gain unauthorized access to users' accounts.