Cookiethief Android malware hijacks Facebook accounts by using browser cookies it transfers to the attacker’s C&C server.
Did you know as of 2019, Android and Facebook had more than 2.5 billion active users? While this is great for global connectivity it also makes both platforms lucrative targets for hackers.
Recently, Kaspersky Labs researchers discovered a new strain of malware that is targeting Android devices and so far it has claimed around 1,000 victims with the number growing higher every passing day.
See: Coronavirus Tracking App is ransomware; locks phones for ransom
Dubbed rather interestingly by researchers as Cookiethief; this Trojan aims to acquire “superuser root rights on the target device, and subsequently, transfer stolen cookies to a remote command-and-control (C2) server operated by attackers,” researchers wrote in their blog post.
It is worth noting that the exploitation doesn’t occur because of a security vulnerability in the web browser of the Facebook app but because of the cookies. It is no secret that browsers store cookies from all the websites and apps a user visits in order to display relevant results.
Cookies are, basically, tiny bits of information that help in differentiating between users, monitor browsing activities, and display ads. However, this Trojan, transfers cookies that the browser or Facebook app uses and sends it to the attacker’s C&C server. Interestingly, the malware ..
Support the originator by clicking the read the rest link below.
