Wednesday, March 3, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Privacy

New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts

March 13, 2020
in Internet Privacy
New Android Cookie-Stealing Malware Found Hijacking Facebook Accounts
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

A new simple but dangerous strain of Android malware has been found in the wild that steals users’ authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.

Dubbed “Cookiethief” by Kaspersky researchers, the Trojan works by acquiring superuser root rights on the target device, and subsequently, transfer stolen cookies to a remote command-and-control (C2) server operated by attackers.

You might also like

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

Researchers Unearth Links Between SunCrypt and QNAPCrypt Ransomware

New ‘unc0ver’ Tool Can Jailbreak All iPhone Models Running iOS 11.0

“This abuse technique is possible not because of a vulnerability in the Facebook app or browser itself,” Kaspersky researchers said. “Malware could steal cookie files of any website from other apps in the same way and achieve similar results.”

Cookiethief: Hijacking Accounts Without Requiring Passwords

Cookies are small pieces of information that’s often used by websites to differentiate one user from another, offer continuity around the web, track browsing sessions across different websites, serve personalized content, and strings related to targeted advertisements.

Given how cookies on a device allow users to stay logged in to a service without having to repeatedly sign in, Cookiethief aims to exploit this very behavior to let attackers gain unauthorized access to the victim accounts without knowing their actual online accounts passwords.

“This way, a cybercriminal armed with a cookie can pass himself off as the unsuspecting victim and use the latter’s account for personal gain,” the researchers said.

Kaspersky theorizes that there could be a number of ways the Trojan could land up on the device — including planting such malware in the device firmware before purchase, or by exploiting vulnerabilities in the operating system to download malicious applications.

android malware hacks chrome and facebook passwords

Once the device is infected, the malware connects to a backdoor, dubbed ‘Bood,’ installed on the same smartphone to execute “superuser” commands that facilitate cookie theft.

How Do Attackers Bypass Multi-Level Protection Offered by Facebook?

Cookiethief malware doesn’t have it all easy, though. Facebook has security measures in place to block any suspicious login attempts, such as from IP addresses, devices, and browsers that had never been used for logging into the platform before.

But the bad actors have worked around the problem by leveraging the second piece of malware app, named ‘Youzicheng,’ that creates a proxy server on the infected device to impersonate the account owner’s geographic location to make the access requests legitimate.

“By combining these two attacks, cybercriminals can gain complete control over the victim’s account and not raise suspicion from Facebook,” the researchers noted.

android proxy malware

It’s not yet clear what the attackers are really after, but the researchers found a page found on the C2 server advertising services for distributing spam on social networks and messengers — leading them to the conclusion that the criminals could leverage Cookiethief to hijack users’ social media accounts to spread malicious links or perpetuate phishing attacks.

While Kaspersky classified the attack as a new threat — with only about 1,000 individuals targeted in this manner — it warned that this number is “growing” considering the difficulty in detecting such intrusions.

To be safe from such attacks, it’s recommended that users block third-party cookies on the phone’s browser, clear the cookies on a regular basis, and visit websites using private browsing mode.


Credit: The Hacker News By: noreply@blogger.com (Ravie Lakshmanan)

Previous Post

How to Solve the Biggest Challenges in Enterprise AI

Next Post

Microsoft patches SMBv3 wormable bug that leaked earlier this week

Related Posts

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange
Internet Privacy

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

March 3, 2021
Researchers Unearth Links Between SunCrypt and QNAPCrypt Ransomware
Internet Privacy

Researchers Unearth Links Between SunCrypt and QNAPCrypt Ransomware

March 3, 2021
New ‘unc0ver’ Tool Can Jailbreak All iPhone Models Running iOS 11.0
Internet Privacy

New ‘unc0ver’ Tool Can Jailbreak All iPhone Models Running iOS 11.0

March 2, 2021
Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions
Internet Privacy

Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions

March 2, 2021
Why do companies fail to stop breaches despite soaring IT security investment?
Internet Privacy

Why do companies fail to stop breaches despite soaring IT security investment?

March 2, 2021
Next Post
Microsoft patches SMBv3 wormable bug that leaked earlier this week

Microsoft patches SMBv3 wormable bug that leaked earlier this week

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

6 Ways Machine Learning Can Improve Supply Chain’s Bottom Line
Machine Learning

6 Ways Machine Learning Can Improve Supply Chain’s Bottom Line

March 3, 2021
Malaysia Airlines suffers data security ‘incident’ spanning nine years
Internet Security

Malaysia Airlines suffers data security ‘incident’ spanning nine years

March 3, 2021
URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange
Internet Privacy

URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange

March 3, 2021
This Protein Therapeutics Company Integrates Wet Lab For High-Speed Characterization With Machine Learning Technologies To Guide The Search For Better Antibodies
Machine Learning

This Protein Therapeutics Company Integrates Wet Lab For High-Speed Characterization With Machine Learning Technologies To Guide The Search For Better Antibodies

March 3, 2021
Breadcrumbing Job Applicants: Bad for Employers
Marketing Technology

Breadcrumbing Job Applicants: Bad for Employers

March 3, 2021
Remote work: 5 things every business needs to know
Internet Security

Remote work: 5 things every business needs to know

March 3, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • 6 Ways Machine Learning Can Improve Supply Chain’s Bottom Line March 3, 2021
  • Malaysia Airlines suffers data security ‘incident’ spanning nine years March 3, 2021
  • URGENT — 4 Actively Exploited 0-Day Flaws Found in Microsoft Exchange March 3, 2021
  • This Protein Therapeutics Company Integrates Wet Lab For High-Speed Characterization With Machine Learning Technologies To Guide The Search For Better Antibodies March 3, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates