{"id":203766,"date":"2025-01-15T04:07:13","date_gmt":"2025-01-15T10:07:13","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/01\/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts"},"modified":"2025-01-15T04:07:13","modified_gmt":"2025-01-15T10:07:13","slug":"google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/01\/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts","title":{"rendered":"Google OAuth flaw lets attackers gain access to abandoned accounts"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/google-oauth-flaw-lets-attackers-gain-access-to-abandoned-accounts3.jpg\"><\/a><\/p>\n<p>A weakness in Google\u2019s OAuth \u201cSign in with Google\u201d feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms.<\/p>\n<p><iframe style=\"display: block; margin: 0 auto; width: 100%; aspect-ratio: 4\/3; object-fit: contain;\" src=\"https:\/\/www.youtube.com\/embed\/yIutY_X2FcU?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; encrypted-media; gyroscope;\n   picture-in-picture\" allowfullscreen><\/iframe><\/p>\n<p>The security gap was discovered by Trufflesecurity researchers and reported to Google last year on September 30.<\/p>\n<p>Google initially disregarded the finding as a \u201cfraud and abuse\u201d issue and not an Oauth or login issue. However, after Dylan Ayrey, CEO and co-founder of Trufflesecurity, presented the issue at <a href=\"https:\/\/www.youtube.com\/watch?v=yIutY_X2FcU&t=19992s\" target=\"_blank\" rel=\"nofollow noopener\">Shmoocon<\/a> last December, the tech giant awarded a $1337 bounty to the researchers and re-opened the ticket.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A weakness in Google\u2019s OAuth \u201cSign in with Google\u201d feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms. The security gap was discovered by Trufflesecurity researchers and reported to Google last year on September 30. Google initially disregarded the finding [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1492],"tags":[],"class_list":["post-203766","post","type-post","status-publish","format-standard","hentry","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/203766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=203766"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/203766\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=203766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=203766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=203766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}