On Android, two malicious programs were discovered that steal cookies stored in the browser on smartphones and in social network applications, in particular Facebook. This is reported by Kaspersky Lab.
Cookies are pieces of data that sites use to store information on user’s devices. For example, thanks to a cookie, you do not need to enter a password every time you load a page. The first trojan, when it enters the device, gets root-rights and transmits browser cookies and the installed social network application to the attacker’s server.
True, some sites provided protection in this case: for example, linking to geolocation at the entrance – if you logged in to Chicano, and after a few minutes an attempt was made to enter from Bali, the system will prevent a suspicious operation. But another malware can launch a proxy server on the phone and provide cybercriminals with access to the Internet from the victim’s device – this way around protective measures.
So, combining the two types of attacks, attackers were able to gain control of user accounts without suspicion. At the moment, it is known that the threat is new and no more than a thousand people have been exposed to it. However, their number is growing. Recommendations for protecting your data and device are simple: do not download applications from third-party sources, regularly update the device and scan the system for viruses.