Several malware families abused MultiLogin, an undocumented Google OAuth endpoint, to steal session tokens and gain unauthorized access to users’ Google accounts. Google has fixed the issue and has taken action to secure the compromised accounts. A common misconception was that stolen tokens and cookies could not be revoked; Google clarified that signing out of the affected browser, or remotely revoking sessions from the user’s devices page, invalidates the stolen sessions. Affected users should remove the malware from their computers and enable Enhanced Safe Browsing in Chrome for protection against phishing and malware downloads.
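The point that signing out or revoking sessions neutralizes a stolen token follows from where validity is decided: the server keeps the authoritative record of live sessions, so a copied token is only as good as the server-side entry it points at. The following toy session store is an added illustration, not Google's implementation and not code from the original article; the store, the `SessionStore` class, its methods and the user and device names are all constructed for the example.

```python
"""Constructed demo: a stolen session token stops working once the user signs
out or revokes sessions, because validity lives in the server-side store."""
import secrets
import time
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Session:
    user: str
    device: str
    issued_at: float
    revoked: bool = False


class SessionStore:
    """Minimal in-memory session table (hypothetical; stands in for a real backend)."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def issue(self, user: str, device: str) -> str:
        # The token is an opaque random handle; it carries no authority by itself.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = Session(user, device, time.time())
        return token

    def validate(self, token: str) -> Optional[str]:
        # A token that was never issued, or whose entry is revoked, is rejected.
        s = self._sessions.get(token)
        if s is None or s.revoked:
            return None
        return s.user

    def sign_out(self, token: str) -> bool:
        # Signing out of one browser revokes that session's server-side entry.
        s = self._sessions.get(token)
        if s is None:
            return False
        s.revoked = True
        return True

    def revoke_all(self, user: str) -> int:
        # Remote revocation from a devices page: invalidate every live session.
        count = 0
        for s in self._sessions.values():
            if s.user == user and not s.revoked:
                s.revoked = True
                count += 1
        return count

    def active_devices(self, user: str) -> List[str]:
        return [s.device for s in self._sessions.values()
                if s.user == user and not s.revoked]


def demo_stolen_token_after_signout() -> Tuple[Optional[str], Optional[str]]:
    """Infostealer copies the browser token; the user then signs out of that browser."""
    store = SessionStore()
    token = store.issue("alice", "laptop-chrome")
    stolen = token                      # constructed: attacker's copy of the token
    before = store.validate(stolen)     # works while the session is live
    store.sign_out(token)
    after = store.validate(stolen)      # rejected once the session is revoked
    return before, after


def demo_remote_revoke() -> Tuple[Optional[str], int, Optional[str], List[str]]:
    """User revokes all sessions remotely; the stolen token and every other session die."""
    store = SessionStore()
    stolen = store.issue("alice", "laptop-chrome")
    store.issue("alice", "phone")
    before = store.validate(stolen)
    revoked = store.revoke_all("alice")
    return before, revoked, store.validate(stolen), store.active_devices("alice")


if __name__ == "__main__":
    print(demo_stolen_token_after_signout())   # ('alice', None)
    print(demo_remote_revoke())                # ('alice', 2, None, [])
```

The design choice worth noting is that the token is an opaque lookup key rather than a self-contained credential; that is what makes revocation immediate. Long-lived bearer tokens that are validated only by signature, with no server-side state, cannot be invalidated this way and need short lifetimes or a revocation list instead.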