Hackers bypass Google Workspace authentication to expose thousands of accounts

Attacks on Google Workspace started at least a month ago, and possibly even earlier than that.

Google’s cloud-based productivity platform had an authentication weakness that allowed hackers to impersonate other companies and log into third-party services, experts have warned.

As reported by KrebsOnSecurity, the vulnerability was discovered in the email verification process when creating a Google Workspace account. 

Crooks were able to circumvent the verification and then log into third-party services that offered the “Sign in with Google” option for authentication.

Caught in the wild

“The tactic here was to create a specifically-constructed request by a bad actor to circumvent email verification during the signup process,” Anu Yamunan, director of abuse and safety protections at Google Workspace, told Krebs. 

“The vector here is they would use one email address to try to sign in, and a completely different email address to verify a token. Once they were email verified, in some cases we have seen them access third party services using Google single sign-on.”

Google’s engineers also confirmed that the vulnerability was being abused in the wild, at least in the last couple of weeks:

“In the last few weeks, we identified a small-scale abuse campaign whereby bad actors circumvented the email verification step in our account creation flow for Email Verified (EV) Google Workspace accounts using a specially constructed request,” Google said. “These EV users could then be used to gain access to third-party applications using ‘Sign In with Google’.”

Google said it fixed the problem within 72 hours of discovering it and added an extra layer of protection for good measure. It also said that the abuse involved “a few thousand” accounts and that it started in late June.

However, comments left by readers on both TheHackerNews and KrebsOnSecurity suggest that the issue was present for a lot longer, Neowin reports. In fact, some people said they fell victim to the attack in early June 2024, which would mean hackers were abusing the flaw for at least two months before it was finally addressed.
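The mismatch Yamunan describes, one address used to sign in and another used to verify the token, is what a verification step rules out when the token is cryptographically bound to both the account and the address the mail was sent to. The sketch below is an added example of that binding, not Google's code; the function names, key, lifetime and addresses are all constructed for illustration.

```python
import hashlib
import hmac
import json
import time

SECRET = b"constructed-demo-key"  # constructed; load from a secret store in practice
TTL = 900  # assumed token lifetime in seconds


def _mac(account_id, email, expires):
    # JSON list encoding keeps field boundaries unambiguous inside the MAC input.
    # Lower-casing the address is an assumed normalisation policy.
    msg = json.dumps([account_id, email.strip().lower(), expires]).encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def issue_token(account_id, email, now=None):
    """Mint a token for the address the verification mail is actually sent to."""
    expires = int((time.time() if now is None else now) + TTL)
    return f"{expires}.{_mac(account_id, email, expires)}"


def verify_token(account_id, claimed_email, token, now=None):
    """Accept only a token minted for this account AND this address."""
    try:
        expires_s, mac = token.split(".", 1)
        expires = int(expires_s)
    except ValueError:
        return False  # malformed token
    if (time.time() if now is None else now) > expires:
        return False  # expired
    expected = _mac(account_id, claimed_email, expires)
    return hmac.compare_digest(mac.encode(), expected.encode())


def demo():
    t0 = 1_700_000_000  # constructed timestamp
    token = issue_token("acct-1", "owner@mailbox.example", now=t0)
    later = t0 + 60
    return {
        "same_address": verify_token("acct-1", "owner@mailbox.example", token, later),
        "swapped_address": verify_token("acct-1", "admin@corp.example", token, later),
        "other_account": verify_token("acct-2", "owner@mailbox.example", token, later),
        "expired": verify_token("acct-1", "owner@mailbox.example", token, t0 + TTL + 1),
    }
```

A token minted for one mailbox fails verification when it is presented for a different address or a different account, so proving control of one inbox cannot mark another address as verified.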
