Android malware allows attackers to hijack social media accounts

Researchers at Kaspesky have discovered two new Android malware modifications that, when combined, can steal cookies collected by user's browsers and social media apps to allow an attacker to discreetly gain control over a victim's accounts.

Cookies are small pieces of data collected by websites in order to track a user's activity online to create personalized experiences in the future. In the wrong hands though, they can pose a security risk because cookies use a unique session ID that identifies users without requiring a password or login.

Once in possession of a user's ID, attackers can trick websites into thinking that they are that person and take control of their account. This is exactly what these two new Trojans with similar coding controlled by the same command and control (C&C) server do.

Stealing cookies

The first Trojan acquires root rights on a victim's device and this allows an attacker to transfer cookies from Facebook to their own servers. However, simply having a user's ID number is not enough to take control of an account in some circumstances. For instance, some websites have security measures in place that prevent suspicious log-in attempts.

This is where the second Trojan comes into play as it is a malicious app which can run a proxy server on a victim's device to bypass security measures to gain access without arousing suspicion. This allows an attacker to pose as the victim and take control of their social networking accounts to distribute undesirable content.

At this time, the aim of the cybercriminals stealing user's cookies is unknown but a page uncovered on the same C&C server may provide a hint. The page advertises services for distributing spam on social networks and messengers which means that attackers could be looking for account access as a means to launch widespread spam and phishing attacks.

Malware analyst at Kaspersky, Igor Golovin explained in a press release that while new, this threat will likely continue to grow, saying:

“By combining two attacks, the cookie thieves discovered a way to gain control over their victims’ accounts without arousing suspicions. While this is a relatively new threat—so far, only about 1000 individuals have been targeted—that number is growing and will most likely continue to do so, particularly since it’s so hard for websites to detect. Even though we typically don’t pay attention to cookies when we’re surfing the web, they’re still another means of processing our personal information, and anytime data about us is collected online, we need to pay attention.”



from TechRadar - All the latest technology news https://ift.tt/2TXIpKY
Share:

No comments:

Post a Comment

Categories

Rove Reviews Youtube Channel

  1. Subscribe to our youtube channel
  2. Like our videos and share them too.
  3. Our youtube channel name Rove reviews.

WITNUX

This website is made by Witnux LLC. This website provides you with all the news feeds related to technology from large tech media industries like GSM Arena, NDTV, Gadgets 360, Firstpost and many other such ates altogether at technical depicts so that you need not go to several sites to view their post provide you advantantage of time.

From the developer
Tanzeel Sarwar

OUR OTHER NETWORKS

OUR YOUTUBE CHANNEL

ROVE REVIEWS PLEASE SUBSCRIBE

OUR FACEBOOK PAGE

The Rove Reviews

Support

Trying our best to provide you the best DONATE or SUPPORTour site Contact me with details how are you gonna help us