Lumma (aka LummaC2) promotes a new feature that allows cybercriminals to allegedly restore expired Google cookies, which can be used to steal Google accounts.
Lumma (aka LummaC2) promotes a new feature that allows cybercriminals to allegedly restore expired Google cookies, which can be used to steal Google accounts.
In web browsers, session cookies automatically log in to a website's services during a browsing session. Since they allow anyone possessing them to access the owner's account, they typically have a limited lifespan so that they cannot be misused.
Lumma operators could get unauthorized access to any Google account by restoring these cookies, even if the legitimate owner logged out or expired their session.
Hudson Rock's Alon Gal first noticed a forum post highlighting an update released by the info-stealer's developers on 14 November, claiming that dead cookies can be restored using keys from restore files (applies only to Google cookies).
According to the forum post, each key can be used twice, so cookie restoration can only be performed once. However, that would still be sufficient to launch a catastrophic attack against organizations that otherwise adhere to good security practices.
The new feature is only available to subscribers of the highest-tier Corporate plan, which costs cybercriminals $1,000 monthly.
Lumma's allegedly new feature is yet to be verified by security researchers or Google, so it remains unclear whether the feature works as advertised.
Rhadamantis added recently that their competitors had carelessly copied the feature from their stealer.
Suppose information-stealers are indeed capable of restoring expired Google cookies. In that case, users cannot protect their accounts until Google pushes out a fix aside from preventing malware infections that lead to cookie theft.
Among the precautions you should take are to avoid downloading torrent files and executables from suspicious websites and to skip promoted results in Google searches.
Want your digital assets to be protected?
CyberShelter provides innovative and modern cybersecurity products and niche services to individuals and organization against all kinds of cyber threats.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?