CookieMiner: Steals Passwords From Cookies, Chrome And iPhone Texts!

CookieMiner: Steals Passwords From Cookies, Chrome And iPhone Texts!

CookieMiner: Steals
Passwords From Cookies, Browsers And iPhone Texts

There’s a new malware CookieMiner, prevalent in the market which binges on saved passwords on Chrome, iPhone text messages and Mac-tethered iTunes backups.

A world-wide cyber-security organization not of very late
uncovered a malicious malware which gorges on saved user credentials like passwords
and usernames.
This activity has been majorly victimizing passwords saved
onto Google Chrome, credit card credentials saved onto Chrome and iPhone text
messages backed up to Mac.
Reportedly, what the malware does is that it gets hold of
the browser cookies in relation with mainstream crypto-currency exchanges which
also include wallet providing websites the user has gone through.
The surmised motive behind the past acts of the miner seems
to be the excruciating need to bypass the multi-factor authentication for the
sites in question.
Having dodged the main security procedure, the cyber-con
behind the attack would be absolutely free to access the victim’s exchange
account or the wallet so being used and to exploit the funds in them.
Web cookies are those pieces of information which get
automatically stored onto the web server, the moment a user signs in.
Hence, exploitation of those cookies directly means
exploiting the very user indirectly.
Cookie theft is the easiest way to dodge login anomaly
detection, as if the username and passwords are used by an amateur, the alarms
might set off and another authentication request may get sent.
Whereas if the username passwords are used along with the
cookie the entire session would absolutely be considered legit and no alert
would be issued after all.
Most of the fancy wallet and crypto-currency exchange
websites have multi-factor authentication.
All that the CookieMiner does is that it tries to create
combinations and try them in order to slide past the authentication process.
A cyber-con could treat such a vulnerable opportunity like a
gold mine and could win a lot out of it.
In addition to Google’s Chrome, Apple’s Safari is also a web
browser being openly targeted. As it turns out, the choice for the web browser
target depends upon its recognition.

The malware seems to have additional
malignancy to it as it also finds a way to download a “CoinMiner” onto the
affected system/ device.

Share this with Your friends:

Leave a Reply

Your email address will not be published. Required fields are marked *