Kaspersky Lab has announced two new Android malware programs that are capable of stealing cookies stored in the browser on smartphones and in applications of popular social networks, including Facebook.
This allows attackers to quietly gain control over an account on a social network and distribute content from it.
The first trojan gets root-rights and transfers browser cookies and installed social network application to the attackers server.
The second trojan is designed for cases when the session ID is not enough to take control of someone else’s account. It can launch a proxy server on the phone and provide cybercriminals with access to the Internet from the victim’s device in order to bypass security measures and thus log into their account without causing suspicion.
As experts emphasize, the detected trojans do not exploit vulnerabilities in a mobile browser or Facebook application. Using a similar method, attackers can steal cookies stored on any site.
Recently news
20 million Android user accounts leaked to the Web
Android’s new banking trojan bypasses even Google’s two-step authentication
The “undeletable” trojan threatens a quarter of all Android smartphones
New Android virus steals data and sends offensive messages
746 arrests, 2 tons of drugs, 54 million pounds and dozens of weapons. EncroChat anonymous service successfully hacked in Europe
Already 500 million downloads. Android Auto is growing at an alarming rate