Security News > 2020 > March > Android Cookie-Stealing Malware Found Hijacking Facebook Accounts
A new simple but dangerous strain of Android malware has been found in the wild that steals users' authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.
"Malware could steal cookie files of any website from other apps in the same way and achieve similar results."
Cookiethief: Hijacking Accounts Without Requiring Passwords Cookies are small pieces of information that's often used by websites to differentiate one user from another, offer continuity around the web, track browsing sessions across different websites, serve personalized content, and strings related to targeted advertisements.
Once the device is infected, the malware connects to a backdoor, dubbed 'Bood,' installed on the same smartphone to execute "Superuser" commands that facilitate cookie theft.
It's not yet clear what the attackers are really after, but the researchers found a page found on the C2 server advertising services for distributing spam on social networks and messengers - leading them to the conclusion that the criminals could leverage Cookiethief to hijack users' social media accounts to spread malicious links or perpetuate phishing attacks.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/DPnBSkkgybA/android-cookies-malware-hacking.html
Related news
- Android malware uses NFC to steal money at ATMs (source)
- New NGate Android malware uses NFC chip to steal credit card data (source)
- Cybercriminals Deploy New Malware to Steal Data via Android’s Near Field Communication (NFC) (source)
- New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards (source)
- SpyAgent Android malware steals your crypto recovery phrases from images (source)
- New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys (source)
- Beware: New Vo1d Malware Infects 1.3 Million Android-based TV Boxes Worldwide (source)
- New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram (source)
- New Vo1d malware infects 1.3 million Android TV streaming boxes (source)
- New Vo1d malware infects 1.3 million Android streaming boxes (source)