Internet cookies are used for cyber attack!

in #cookies5 years ago

Cyber ​​security experts have spotted two new Android malware that can steal cookies in the browser and apps of popular social networking sites.
According to Kaspersky's description, small pieces of data collected by websites to track activities on the internet to provide a personal experience for users are called cookies.

Although cookies are considered harmless, they can pose a security risk when they get into the wrong hands . When websites store these cookies, they create a session ID so that they can identify the user without a password.

Attackers can thus capture the victims 'accounts and spread malicious content. According to Kaspersky experts' detection, the first trojan horse gets root rights on the victim's device, allowing thieves to transfer Facebook cookies to their servers, but having only the ID number is not enough to take control of the account.

Some websites take security measures to prevent suspicious login attempts. For example, when a user who was previously active in Chicago logged in from Bali a few minutes later, the measures taken prevent the account from being used.

The second trojan horse comes into play here. This malicious application bypasses security measures by running a proxy server on the victim's device. In this way, the attackers begin to act as the owner of the account and spread unwanted content on social media. Although the main purpose of cookie thieves is not yet known, it gives a page hint on the command and control server. The page has advertisements for sending spam through social networks and messaging applications.

"Clear cookies periodically"

Malware Software Analyst Igor Golovin, who said in the statement, said that cookie thieves who combined the two attacks discovered a way to capture victims' accounts without suspicion.

Golovin said: "With this new threat, nearly a thousand people have been targeted so far. This number is increasing and will continue to increase because websites are very difficult to detect. Attention should be paid to everything that collects personal data on the Internet. "

Kaspersky experts advise users to protect them from cookie thieves: "Block third-party cookie access in your phone's web browser and allow your data to be saved only until it exits the browser. Clear cookies periodically. use a security solution.

Posted using Partiko Android

Sort:  

Warning! This user is on our black list, likely as a known plagiarist, spammer or ID thief. Please be cautious with this post!
If you believe this is an error, please chat with us in the #appeals channel in our discord.