Posts

FBI Issues Urgent Warning for All Gmail Users Over New Cookie-Based Hack

The FBI has issued an urgent warning for Gmail users worldwide after detecting a new wave of cyberattacks exploiting a session cookie vulnerability that allows hackers to bypass two-factor authentication and gain full access to victims’ accounts.

With over 1.8 billion users globally, Gmail is one of the most popular email platforms — and also one of the most targeted by cybercriminals. According to the FBI, attackers are using sophisticated techniques to steal login cookies from infected devices, granting them access not just to Gmail accounts, but also to connected services like social media, online banking, and cloud storage.

The attack begins when victims unknowingly click malicious links or visit fake websites, downloading malware that silently extracts session cookies — files that store login information so users don’t have to re-enter passwords. Once stolen, these cookies allow hackers to impersonate users and access their accounts without needing credentials or authentication codes.

The FBI warns that this technique effectively neutralizes two-factor authentication, long considered one of the strongest security measures against account hijacking.

To protect users, the agency recommends:

  • Regularly deleting browser cookies.

  • Avoiding the “Remember this device” option when logging in.

  • Only visiting secure websites that use HTTPS.

  • Frequently checking account login history for suspicious activity.

Google has acknowledged that cookie theft affects users across the web and said it is developing new security measures to mitigate the threat, describing the attacks as part of a growing, lucrative cybercrime trend.
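Because the session cookie is issued only after the second factor has succeeded, a replayed cookie shows up server-side as an existing session arriving from a different client rather than as a new login. The sketch below is an added example, not code from the FBI advisory or from Google; the event names, log fields and sample events are constructed assumptions.

```python
# Constructed sample events (not real logs):
# (ISO timestamp, session_id, event, source_ip, user_agent)
SAMPLE_EVENTS = [
    ("2025-01-10T08:00:00", "sess-A", "login_2fa_ok", "198.51.100.7", "Firefox/133 Windows"),
    ("2025-01-10T08:05:00", "sess-A", "request", "198.51.100.7", "Firefox/133 Windows"),
    ("2025-01-10T08:06:00", "sess-A", "request", "203.0.113.50", "Chrome/131 Linux"),
    ("2025-01-10T09:00:00", "sess-B", "login_2fa_ok", "192.0.2.14", "Safari/18 macOS"),
    ("2025-01-10T09:30:00", "sess-B", "request", "192.0.2.99", "Safari/18 macOS"),
    ("2025-01-10T10:00:00", "sess-C", "request", "203.0.113.50", "Chrome/131 Linux"),
]


def find_replayed_sessions(events):
    """Flag requests whose client context differs from the one that logged in.

    Returns (session_id, timestamp, reason) tuples in time order.
    """
    bound = {}      # session_id -> (ip, user_agent) recorded at the 2FA login
    findings = []
    for ts, sid, kind, ip, ua in sorted(events):  # ISO timestamps sort by time
        if kind == "login_2fa_ok":
            bound[sid] = (ip, ua)
            continue
        if sid not in bound:
            # Cookie presented with no authentication in the log window:
            # either the window is too short or the cookie came from elsewhere.
            findings.append((sid, ts, "no_login_on_record"))
            continue
        login_ip, login_ua = bound[sid]
        if ip != login_ip and ua != login_ua:
            # Strongest signal: same cookie, different network and browser.
            findings.append((sid, ts, "ip_and_user_agent_changed"))
        elif ua != login_ua:
            findings.append((sid, ts, "user_agent_changed"))
        elif ip != login_ip:
            # Weak signal on its own: mobile and VPN users change IP often.
            findings.append((sid, ts, "ip_changed"))
    return findings


if __name__ == "__main__":
    for finding in find_replayed_sessions(SAMPLE_EVENTS):
        print(finding)
```

A service that sees the strongest signal can end the session and require a fresh login with the second factor, which is the server-side counterpart of a user reviewing login history.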

FBI Warns AI-Generated Voices Used to Impersonate Senior U.S. Officials in Cyber Campaign

The FBI has issued a public warning that malicious actors are leveraging AI-generated voice messages and text to impersonate senior U.S. government officials, targeting both current and former federal and state officials in a sophisticated social engineering campaign.

According to the FBI’s announcement on Thursday, the aim of the scheme is to:

  • Gain access to personal accounts of government officials

  • Target additional contacts once access is gained

  • Harvest sensitive information or even solicit funds fraudulently

How the Scheme Works:

  • Attackers initiate text message conversations to build rapport with the targets.

  • Once trust is established, they urge the recipient to switch to another platform, often linking to a hacker-controlled website designed to harvest credentials like usernames and passwords.

  • In some cases, attackers use AI-generated voice clips to convincingly impersonate the tone and mannerisms of known officials.

Threat Scope:

The FBI has not disclosed how many individuals have been targeted or whether the actors are financially motivated cybercriminals or state-aligned entities. The use of generative AI makes attribution and detection more difficult, and the agency continues to assess the full scope of the threat.

This follows a December 2024 warning from the FBI regarding the broader use of AI-generated content, including text, audio, images, and video, to commit crimes such as fraud, extortion, and identity theft.

Broader Implications:

The campaign underscores the growing threat of generative AI in cybercrime, particularly in impersonation and phishing-style attacks aimed at high-value targets. Government agencies and private sector organizations are now being urged to:

  • Strengthen multi-factor authentication

  • Train personnel to recognize AI-driven impersonation attempts

  • Avoid clicking on unsolicited links or moving conversations to unknown platforms

As AI tools become more accessible, security experts warn that digital impersonation will become an increasingly common tactic for attackers seeking access to sensitive systems or socially engineered pathways into secure environments.