According to the security firm, Phosphorus was able to gain access to Google accounts by tricking users into clicking on malicious links. Once a user clicked on a link, their OAuth credentials would be stolen and sent to Phosphorus's servers.
Phosphorus then used the stolen credentials to access users' Google accounts and steal sensitive information, such as email messages, contacts, and documents. The hackers were also able to change users' account settings and send malicious emails from their accounts.
The security firm said that the attack was successful because of several factors, including:
* The vulnerability in Google's OAuth authentication system
* The fact that many users were tricked into clicking on malicious links
* The lack of security awareness among many users
The security firm recommends that users take steps to protect themselves from similar attacks, such as:
* Using strong passwords and enabling two-factor authentication for their Google accounts
* Being wary of links in emails or text messages from unknown senders
* Keeping their software up to date
Google has since patched the vulnerability that was exploited by Phosphorus. The company is also working with law enforcement to investigate the attack.