A combination of new modifications to Android malware code has given rise to Trojans able to steal browser and app cookies from compromised devices.
On Thursday, researchers from Kaspersky said the new malware families,
dubbed Cookiethief, use a combination of exploits to acquire root rights to an Android device and then to steal Facebook cookie data. [....]
Threat actors may be able to fool a website into believing they are legitimate account holders, leading to account compromise, data theft, and potentially hijacking. There are security measures that can prevent these scenarios; however, the new malware's bag of tricks attempts to circumvent them.
Kaspersky isn't entirely sure how Cookiethief has landed on devices already showing signs of infection -- at the last count being roughly 1,000, a figure that is climbing -- but once the Trojan does, the first stage of the attack is to acquire root rights on an Android mobile device.
In the cases documented by Kaspersky, Facebook cookies are the prime target. The team is keen to emphasize that there does not appear to be a vulnerability in the Facebook app or mobile browsers that permits the theft and malware intrusion. [....]
