Kaspersky, a cybersecurity company, has discovered a new vulnerability in Andriod devices’ use of browser cookies, stating that they are being ex0ploited by a pair of Andriod targeted trojans. Kaspersky released a report titled “Cookiethief: a cookie-stealing Trojan for Android,” and it describes the new strain of malware, which it has dubbed Trojan-Spy.AndroidOS.Cookie thief.
The trojan then captures root rights on an Andriod device, which subsequently makes the device vulnerable to having its cookies stolen from the Browser and sites like Facebook. The cybercriminals then transfer them to the server of cybercriminals behind it. Using the same stolen cookies, a malicious actor can then impersonate a user on the web to access that person’s account.
Read More: Facebook cookie-stealing trojans surface on Android devices