Security News > 2020 > March > 'Cookiethief' Android Malware Hijacks Facebook Accounts
A recently discovered Android Trojan was designed to gain root access on infected devices and hijack Facebook accounts by stealing cookies from the browser and the social media app.
While it's uncertain how the Trojan infects devices - it does not exploit flaws in the Facebook application or the browser - it achieves root by connecting with another backdoor installed on the smartphone, and passes it a shell command.
The C&C server addresses and employed encryption keys show connections between Cookiethief and Trojans such as Sivu, Triada, and Ztorg.
Such malware is often pre-installed on devices, or is installed via operating system vulnerabilities.
"As a result, a persistent backdoor like Bood, along with the auxiliary programs Cookiethief and Youzicheng, can end up on the device," Kaspersky concludes.
News URL
Related news
- New Android malware steals your credit cards for NFC relay attacks (source)
- SuperCard X Android Malware Enables Contactless ATM and PoS Fraud via NFC Relay Attacks (source)
- Russian army targeted by new Android malware hidden in mapping app (source)
- Fake AI Tools Used to Spread Noodlophile Malware, Targeting 62,000+ via Facebook Lures (source)
- Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims (source)
- ⚡ Weekly Recap: APT Campaigns, Browser Hijacks, AI Malware, Cloud Breaches and Critical CVEs (source)
- ⚡ Weekly Recap: APT Intrusions, AI Malware, Zero-Click Exploits, Browser Hijacks and More (source)
- Android malware Crocodilus adds fake contacts to spoof trusted callers (source)
- FBI: BADBOX 2.0 Android malware infects millions of consumer devices (source)