Kaspersky: Two of This Malware to Steal your Cookies, and the acquisition of social-media accounts – All pages


Kaspersky found two modifications of Android malware that steal potentially have a cookie.

Kaspersky found two modifications of Android malware that steal potentially have a cookie.

Kaspersky found two modifications of Android malware that steal potentially have a cookie.

According to a press release from Kaspersky, a second modification of the malware, when combined, can steal, collected from cookies through the browser and the application on the popular social networking site.

In addition, this malware allows you to secretly the actors, the danger of obtaining control of the account, the victim and transfer a variety of content, which is not desirable.

What is a cookie? A Cookie is a small amount of data to keep track of the sites, the activities of online users. The data will be collected to create the manager of the site, an experience that is personalized (the personal experience) in the future.

Cookies are often considered a disorder that is dangerous. But if it is in the wrong hands, a cookie can be a security risk.

What’s the risk? If a Website stored a cookie, the actor has a unique identity that identifies the user in the future, without a password or login. can threat

Once you have the identity of the user, the actor threat trick the site with a scenario that you are actually a victim and has full control over the account. This is done by the thieves of cookies through the development of a Trojan with a similar encoding, and control through the server-command and control (C&C) are the same.

The Trojans will first have a root access on the device of the victim, so that the actors are the threat to transfer the cookies, the Facebook on a server that you have. However, often only by the ID number alone is not enough to someone’s account.

Some websites implement security measures to prevent login attempt is suspicious. For example, a user of the try previously active in the Chicago you in of Bali only a few minutes later.

That’s when Trojan second take on the role. This malicious application proxy can perform to pass the server to the device of the victim to attract the security measures and access without suspicion. From there, the actor can be play threat, a role as a victim and take control of the social networking account of the user for the distribution of content, which is not desirable.

The main target of the thieves of the cookie is not yet known. However, pages on the server, C&C is found the same can give you a tip: on the page advertising a service to distribute spam on social networks, and the sender of the message. In other words, probably you are looking to access account, as a way to start spam attacks and phishing are widespread.

“The combination of the two attacks, the thief of cookies has found a way to get control over the account of the victims without suspicion. While this is a threat that is relatively new — so far only about 1,000 people, a number that continues to grow, and is likely to continue, especially because of the difficulty in capturing through the site are aligned. Although the majority of people usually do not pay attention to the cookie when browsing the web, it is still a choice in the procurement of personal data, and whenever you should be your personal data that is collected online, always vigilant,” said Igor Golovin, malware analysts from Kaspersky.

Read more about the Cookie Thief Facebook on a secure list.

Here are some of the preventive measures, the experts of Kaspersky are recommended in order to avoid the theft of Cookies are:

  • Unlock access to third-party cookies in the web browser of your phone and the data stored until you exit from the browser.
  • Clean your cookies regularly
  • Use a security solution that is reliable, such as Kaspersky Security Cloud that includes the private browsing feature, which prevent Websites from collecting information about your online activities.

Video Options