Google Chrome Cookies Vulnerability Exposes Google Accounts to Unauthorized Access by Hackers

ICARO Media Group
02/01/2024 19h59

In a concerning development, a recently discovered vulnerability in Google Chrome's cookies poses a serious risk to Google accounts, even if users change their passwords. Hackers are taking advantage of this zero-day vulnerability, exploiting session cookies used for user authentication to gain unauthorized access to sensitive Google accounts. At least six malware groups have been actively exploiting this vulnerability, raising concerns about the security of user information.

Cookies, which are used by web browsers to remember user activity on websites, including login status and form data, can potentially serve as a gateway for dangerous malware to access personal information and even banking details. While Google Chrome has been taking measures to crack down on third-party cookies, this specific vulnerability has left Google accounts vulnerable, with cybercriminals bypassing passwords altogether.

Session cookies, typically stored temporarily, allow users to log in without repeatedly entering their usernames and passwords. However, in this exploit recently detailed by BleepingComputer, hackers have been able to retrieve these session cookies used for storing user authentication information. Consequently, cybercriminals can gain unauthorized access to user accounts using these specific cookies. The inherent danger lies in the fact that these session cookies bypass traditional security measures such as passwords and two-factor authentication, making it difficult for users to protect their Google accounts.

The vulnerability, first disclosed in October 2023 by an actor known as PRISMA, was subsequently reverse-engineered by researchers from CloudSEK. They successfully regenerated Google authentication cookies that were supposed to expire with the session. It is important to note that while cookie regeneration can occur once, it can be repeated indefinitely, potentially perpetuating unauthorized access to compromised accounts.

While efforts are underway by Google to address the issue, one of the malware developers exploiting this vulnerability has already issued an update to circumvent the countermeasures put in place by the tech giant. However, Google has not responded to inquiries from BleepingComputer regarding plans to mitigate the damage caused by this vulnerability.

Currently, this zero-day vulnerability is being actively exploited by at least six malware groups. Consequently, it is difficult to determine if one's account has been compromised in such an attack. To safeguard against such threats, experts strongly advise against installing software from unknown sources. For Google Chrome users, it is crucial to remain vigilant and promptly change passwords if any unusual activity is detected on their Google accounts.

In conclusion, this newly discovered cookie vulnerability in Google Chrome presents a severe security risk for Google account holders. Despite the ongoing efforts to address the issue, the active exploitation by malware groups highlights the urgent need for users to remain cautious and take necessary measures to protect their accounts. The security of personal information and sensitive data should always be a top priority for internet users.

The views expressed in this article do not reflect the opinion of ICARO, or any of its affiliates.
