Simple but dangerous strain of Android malware has been found in the wild that steals users’ authentication cookies from the web browsing and other apps, including Chrome and Facebook, installed on the compromised devices.
Dubbed “Cookiethief” by Kaspersky researchers, the Trojan works by acquiring superuser root rights on the target device, and subsequently, transfer stolen cookies to a remote command-and-control (C2) server operated by attackers.
Mitigation: To be safe from such attacks, it’s recommended that users block third-party cookies on the phone’s browser, clear the cookies on a regular basis, and visit websites using private browsing mode.
Source: TheHackerNews