Google Workspace is launching a new security measure to help prevent the same type of account takeover attack that impacted Linus Tech Tips. The feature, which is rolling out in beta for Chrome users on Windows, is designed to block bad actors from remotely stealing the cookies that keep you logged into your Workspace account.
Google calls the feature Device Bound Session Credentials (DBSC), and it does exactly what its name suggests: it protects users’ Workspace accounts by binding session cookies, the temporary files that websites use to remember user information, to their devices.
That makes it much more difficult for attackers to carry out session token-stealing attacks, which often happen when a victim downloads information-stealing malware. From there, bad actors can exfiltrate a victim’s login credentials to a remote server, allowing them to sign into their account from a different device or sell their credentials.
“Because this theft occurs after a user has logged in, it bypasses many existing account protections like 2FA [two-factor authentication],” Google spokesperson Ross Richendrfer tells The Verge. “Existing protections for this type of attack aren’t very mature, so it’s low-hanging fruit for attackers.”
In 2023, a bad actor took over the YouTube channel for Linus Tech Tips, along with two other Linus Media Group accounts, after an employee downloaded a fake sponsorship offer containing cookie-stealing malware. This week, YouTube issued a warning about a similar scam involving creators downloading phony brand deals. YouTube isn’t the only platform that we’ve seen impacted by cookie-stealing, either, as hackers hijacked several Chrome extensions last year, adding malware that exfiltrates session tokens for some websites.
Google says there’s been an “exponential rise” in cookie and authentication token theft over the past couple of years, and that this “trend has only intensified in 2025.” The company began working on DBSC last year, and said the verification platform Okta, as well as browsers like Microsoft Edge, have “expressed interest” in the concept. Along with DBSC, Google recommends that Workspace administrators enable passkeys as well, which is now available to over 11 million customers.
5 months ago