Security News > 2020 > March > 'Cookiethief' Android Malware Hijacks Facebook Accounts
A recently discovered Android Trojan was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app.
While it's uncertain how the Trojan infects devices - it does not exploit flaws in the Facebook application or the browser - it achieves root by connecting with another backdoor installed on the smartphone, and passes it a shell command.
The C&C server addresses and employed encryption keys show connections between Cookiethief and Trojans such as Sivu, Triada, and Ztorg.
Such malware is often pre-installed on devices, or is installed via operating system vulnerabilities.
"As a result, a persistent backdoor like Bood, along with the auxiliary programs Cookiethief and Youzicheng, can end up on the device," Kaspersky concludes.
News URL
Related news
- Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware (source)
- New FakeCall Malware Variant Hijacks Android Devices for Fraudulent Banking Calls (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)
- Android malware "FakeCall" now reroutes bank calls to attackers (source)
- New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers (source)
- New SteelFox malware hijacks Windows PCs using vulnerable driver (source)
- Cyber crooks push Android malware via letter (source)
- NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data (source)
- SpyLoan Android malware on Google play installed 8 million times (source)
- 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play (source)