Google is 'looking into' a devastating Gmail attack that locks users out of their accounts with no way to recover.
I write a lot about Google security, and that which involves the most popular free email platform on the planet, with 2 billion active users, Gmail, in particular. Sure, much of this will focus on theof any attack, much of which comes from Google itself.
When I hear from readers that they are being locked out of their Gmail account by hackers and are unable to get back in, no matter what, that’s a concern. When Google informs me that it is “looking into it” and will issue specific guidance “in the near future,” that’s even more so. Here’s what you need to know about the Gmail hack attack that prevents you from regaining access to your account, and how to best protect yourself from becoming yet another victim. As regular readers will likely already know, I entered the world of cybersecurity as a hacker in the 1980s. Hacking is not a crime, quite literally so back then, as there were no laws that specifically applied to the act of unauthorised network intrusion. Criminal hacking is quite another thing altogether. So, when I read about a Gmail user who had not only been compromised but found themselves locked out of their account with seemingly no chance of recovery, my hacker brain started to engage. How could this be, I wondered, given that there are so many ways to get account control back, even if an attacker haspost-compromise. And then the chicken clucked, the bell rang, and the penny dropped: this was a very clever bit of hackery involving the use of a feature meant to protect accounts, not hold them hostage.that explained how an attacker had changed his age to 10 on his account profile and then added it to a family account under the attacker’s control. Ten years old being younger than the account had actually existed for, it is 12 years old apparently, might, you would have hoped, set off some Google alarm bells in these days of advanced AI protections, but no. By adding the compromised account to a family account and making it a child one, the actual owner found themselves totally locked out and unable to use any of the myriad recovery options provided by Google. The icing on this particularly smelly cake was that the attacker then demanded the victim send a bunch of gift cards to get the account released. “TL;DR: Account accessed, placed as a child in a Google family, and locked out,” the victim concluded, “please help.” As the thread developed, others confirmed that the use of a child account is becoming a common tactic among hackers, and recovering from it appears impossible. “You would think that changing people’s date of birth on their accounts should require a forced re-auth and not be doable without providing all authentication factors,” one wrote, quite sensibly. Perhaps the most astute comment in the subreddit thread was someone suggesting that Google had probably not anticipated such a situation. This does seem likely, although it’s a very unfortunate error if so. I reached out to Google to ask for advice for the victims of this hack attack lockout issue, and a spokesperson told me that the security team was looking into it as a “a known post-compromise action some hijackers take.” Google stressed, however, that it is also a fairly uncommon one. I suspect, however, now that the tactic is becoming known in online forums, that more attackers will deploy it. “Look for more detail and specific guidance from us on this in the near future,” the Google spokesperson said, sharing the following core guidance for stopping account takeovers in the meantime:Double-check that only current/available phones or numbers are associated with accounts, and regularly review what devices are associated with them. Remember, the best way to prevent an attacker from locking you out of your Gmail account in this way is to prevent them from compromising it in the first place. You know it makes sense, so get that Google passkey set up now.
Gmail Hack Gmail Recovery Gmail Acknowledges Account Hack Wioth No Recovery Gmail Security Gmail Account Hack Google Looking Into Devastating Gmail Hack Attack Google Account Google Account Hacked Google Account Recovery
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Zara and H&M's New Holiday Collections Are My Hack to a Richer-Looking Winter WardrobeBrooke Knappenberger is the Associate Commerce Editor at Marie Claire, where she specializes in crafting shopping stories—from sales content to buying guides that span every vertical on the site.
Read more »
Google Quietly Removed One Of The Most Underrated Google Home FeaturesJosh has worked a freelance writer for the past ten years, writing news and features focusing on the gaming, science, and tech industries. He has covered big events like E3, CES, and a slew of other smaller press events oriented around the latest consumer technology and gadgets.
Read more »
I'm 5'3' — These 17 Rich-Looking Winter Dresses Fit Like a GloveI’m a 5'3' shopping writer and found 17 expensive-looking petite dresses that fit like a glove, and they start at just $9 — details!
Read more »
Do Not Ignore These Emails—Gmail, Outlook And Apple Mail Users Must Act NowEmail bombing attacks have just soared 1000% — if you're not already worried, you should be.
Read more »
Bexar County Sheriff’s Office looking for missing woman with diagnosed medical conditionThe Bexar County Sheriff’s Office is searching for a missing woman with a diagnosed medical condition.
Read more »
Microsoft finally has a better looking Run dialog for Windows 11Microsoft is testing a new modern design for the Run prompt in Windows 11. The overhauled design is optional, and looks a lot more like a launcher.
Read more »