Hackers invent new Android 'attack' that lets them log into your Facebook account – how to stay safe

ANDROID users are being warned about a new malware strain that could let hackers login to your Facebook via Google Chrome.

The new bug is said to steal authentication cookies from web browsers and apps such as Facebook.

The digital infection can then use the sensitive information collected.

Cookies are bits of information aimed at improving your browsing experience.

They can remember your browsing history and help websites to make relevant recommendations.

However, cookies can also enable your accounts to stay logged in and this is the feature the malware aims to exploit.

The malware strain was uncovered by Kaspersky researchers who have aptly dubbed it CookieThief.

According to Kaspersky, the bug will try and steal your personal information to access your accounts behind your back.

It said the hackers wouldn't even need a password to do this.

This is because the criminals would be armed with the cookie information that lets you login automatically.

Kaspersky has found around 1,000 individuals that have been affected by this malware but has warned that this number is growing.

We asked Igor Golovin, Security Expert at Kaspersky, how Android users could protect themselves.

He told us: "Only download applications from trusted sources, like official marketplaces, keep your device up to date and install an antivirus solution on your phone, like Kaspersky Antivirus & Security for Android.

"This will help protect your device from malware.

"This malware does not expose itself on the victim’s device.

"Therefore, the best way to stay secure is install antivirus software on your phone and use it to delete malicious files."

As to whether tech firms could block this attack, Golovin told us: "This attack may be difficult to detect because web requests generated by malicious apps contain actual user cookies, and these requests come from the same user device and same IP address as normal user traffic.

"However, tech firms can detect suspicious or unusual user activity patterns and block them.

"Such methods are well known and some firms use them.

"But it is always a cat-and-mouse game; there is no way to completely block all types of fraud once and for all."

What info does Facebook hold on you?

  • All the data on your profile – name, age, marital status, where you went to work, and so on.
  • Your activity on the site – which posts you like, pages followed, photos shared.
  • Its tracker cookies (which most websites use) can even follow you around the internet, so Facebook can also get an idea of the types of websites you like to visit – to serve you more relevant advertisements.

In other news, Twitter has created a hand-washing emoji.

Instagram has banned dangerous, reckless and insensitive coronavirus filters.

And, we debunked some of the most outrageous coronavirus conspiracy theories.

Are you concerned about this Android 'attack'? Let us know in the comments…

Source: Read Full Article