Google Responds to Detection of Session Token Malware Capable of Hijacking Accounts: Report

Malicious groups are exploiting a malware designed to hijack Google accounts and steal user information, even after a password reset, targeting Windows computers. This malware, first launched by the PRISMA group in 2023, steals login tokens from Google accounts and enables cybercriminals to retain access to such accounts. Google advises users to either log out of an infected browser or remotely sign out in their account settings to revoke the stolen tokens.