The developer of a malware called Lumma recently announced a new feature designed to enable users of the malicious software to reactivate expired Google cookies. If this works as advertised, it could potentially grant cybercriminals the ability to take over Google accounts even when they have access to an expired session cookie, meaning the user is logged out.
To prevent potential abuse, session cookies typically have a limited lifespan. As long as these cookies are valid, users can access Google-associated services without having to log in each time with their credentials, significantly reducing the frequency of required logins.
$1,000 per month for the restoration of old cookies
According to a report by Bleeping Computer, it appears that cybercriminals are now able to access the corresponding Google account even through an expired session cookie. Allegedly, the developer of the Lumma info-stealing malware announced an update a few days ago that allows “dead cookies to be restored using a recovery file key.”
The new feature, specifically targeting Google cookies, is initially available only to subscribers of the corporate-tier service for $1,000 per month, as stated in the report by Bleeping Computer. A similar function recently emerged in another malware called Rhadamanthys, raising the likelihood that the malware developers may have indeed discovered a security flaw exploitable for cookie reactivation.
Potential security vulnerability remains unknown for now
Despite repeated inquiries, Google has not yet commented on any potential vulnerability in its session cookies. Additionally, a supposed support representative from the developer behind the Lumma malware has declined to provide any statement regarding the function itself or the security loophole used for it, as reported by Bleeping Computer.
Whether the feature works as promised and poses a real threat remains uncertain for now. Those seeking protection from a potential attack should avoid visiting dubious websites or downloading files from untrusted sources to prevent malware infections. Advertisements in Google and Bing search results are often misused for spreading malicious software, especially through typosquatting techniques.
READ MORE: Legal Battle Threatens Sony’s PlayStation Store Prices in the UK
