A year ago, Linus Tech Tips’ YouTube account fell victim to hackers. Despite a relentless investigation by the YouTube team, the hackers continued to stream crypto scams on the channel. It was later revealed that the attackers gained access to the entire YouTube channel of LTT through cookie theft, also known as session hijacking.
The breach occurred when an employee opened an email attachment that appeared to be a PDF file but was, in fact, a malicious executable. The malicious software ran on the system, decrypted the cookie database, and sent the session token to the attacker.
Session hijacking allows attackers to access any signed-in accounts stored in the browser, not limited to just YouTube, and can even bypass 2FA or multi-factor authentication.
Google has documented similar cookie theft malware targeting YouTube creators, underscoring the vulnerability. This threat is not exclusive to YouTube creators and can happen to anyone. For example, my brother fell victim to the same cookie theft technique, resulting in his Twitter account being hacked recently.
To combat cookie theft, Google has introduced a new solution called Device Bound Session Credentials (DBSC). This technology links the authentication session to the device, making it highly challenging for an attacker to utilize a stolen token on a different device.
Google accomplishes this by using the Trusted Platform Module (TPM) to securely store the private keys on the device. Even if an attacker gains access to a stolen cookie, it becomes useless because it cannot be used for authentication on a different device.
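To make the device binding concrete, here is a simplified model of it. This is an added example, not code from Google, Chrome or this article: it assumes the session cookie is short-lived and is only renewed after the device signs a server challenge, a software key stands in for the TPM, and `makeDevice`, `Server` and `demo` are hypothetical names.

```javascript
// Added example: simplified model of a device-bound session, not Chrome's or Google's code.
const crypto = require('node:crypto');

// Stand-in for the TPM: the private key stays inside; callers can only ask for signatures.
function makeDevice() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { publicKey, sign: (data) => crypto.sign('sha256', Buffer.from(data), privateKey) };
}

// Hypothetical server: binds each session to the public key registered at sign-in.
class Server {
  constructor() { this.sessions = new Map(); }
  register(publicKey) {
    const id = crypto.randomUUID();
    this.sessions.set(id, { publicKey, challenge: null });
    return id;
  }
  // Refresh step 1: hand out a fresh, single-use challenge.
  challenge(id) {
    const s = this.sessions.get(id);
    s.challenge = crypto.randomBytes(32).toString('hex');
    return s.challenge;
  }
  // Refresh step 2: issue a new short-lived cookie only for a valid signature by the bound key.
  refresh(id, signature) {
    const s = this.sessions.get(id);
    if (!s || !s.challenge) return null;
    const ok = crypto.verify('sha256', Buffer.from(s.challenge), s.publicKey, signature);
    s.challenge = null; // consume it so a captured signature cannot be replayed
    return ok ? crypto.randomBytes(16).toString('hex') : null;
  }
}

function demo() {
  const server = new Server();
  const victim = makeDevice();
  const other = makeDevice(); // a different machine: it has its own key, not the victim's
  const id = server.register(victim.publicKey);
  const sig = victim.sign(server.challenge(id));
  const legit = server.refresh(id, sig) !== null;
  // Exfiltrated session data is replayed from the other machine: wrong key, so no new cookie.
  const stolen = server.refresh(id, other.sign(server.challenge(id))) !== null;
  // Reusing the victim's old signature against a new challenge also fails.
  server.challenge(id);
  const replay = server.refresh(id, sig) !== null;
  return { legit, stolen, replay };
}

console.log(demo());
```

Only the device holding the registered key gets a renewed cookie; the copied session data on its own stops working once the short-lived cookie needs refreshing.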
How to Enable DBSC on Google Chrome
The DBSC feature is currently in the prototype stage and is available on the stable channel of Google Chrome version 123.0.6312.123 or later. To enable DBSC, you will need to activate a flag in your browser settings. Here’s how to do it.
1. Open your Chrome browser and go to chrome://flags.
2. Look for “Device Bound Session Credentials” and activate it. Alternatively, you can directly access this feature by copying and pasting the following address into your browser.
chrome://flags/#enable-bound-session-credentials
3. Restart your browser. You should not notice any changes in how you access your online accounts.
That’s how to enable DBSC in Chrome to safeguard your online accounts from cookie theft. A word of caution: avoid downloading PDFs, attachments, and executables from untrustworthy websites or via suspicious emails, and do not run such files immediately on your PC. Use VirusTotal to perform a safety check first, or scan the file with a reliable antivirus program.
That’s all for now. If you have any questions, feel free to ask in the comment section below.