Lumma Malware Operator Can Allegedly Bring Expired Google Cookies Back To Steal Information

The Lumma information-stealer malware, also known as 'LummaC2,' is now promoting a new feature that supposedly enables cybercriminals to revive expired Google cookies, facilitating the hijacking of Google accounts. Session cookies, designed for automatic login during a browsing session, have a limited lifespan for security reasons. The malware's touted capability to restore expired cookies allows unauthorized access to Google accounts even after the user has logged out or the session has ended. Alon Gal from Hudson Rock discovered a forum post by the malware's developers on November 14, announcing an update that claims to provide the "ability to restore dead cookies using a key from restore files (applies only to Google cookies)." Read more...