Beware! This malware can steal passwords, credit card info

If successful, the attackers would have full access to the victim's exchange account and/or wallet and be able to use those funds as if they were the user themselves.

Beware! This malware can steal passwords, credit card info
Web cookies are widely used for authentication. Once a user logs into a website, its cookies are stored for the web server to know the login status. Pixabay

Global cybersecurity company Palo Alto Networks has discovered a malware that is capable of stealing saved usernames and passwords in Google Chrome, saved credit card credentials in Chrome and iPhones text messages if backed up to a Mac.

The malware named "CookieMiner" is capable of stealing browser cookies associated with mainstream cryptocurrency exchanges and wallet service websites visited by the victims, said Unit 42, an arm of Palo Alto Networks. 

It steals saved passwords in Chrome and iPhone text messages from iTunes backups on the tethered Mac.

"By leveraging the combination of stolen login credentials, web cookies and SMS data, based on past attacks like this, we believe the bad actors could bypass multi-factor authentication for these sites," the researchers noted.

If successful, the attackers would have full access to the victim's exchange account and/or wallet and be able to use those funds as if they were the user themselves.

The malware also configures the system to load coinmining software on the system. 

Web cookies are widely used for authentication. Once a user logs into a website, its cookies are stored for the web server to know the login status. 

If the cookies are stolen, the attacker could potentially sign into the website to use the victim's account.

Watch This Zee Business Tweet Video

"Stealing cookies is an important step to bypass login anomaly detection. If only the username and password are stolen and used by a bad actor, the website may issue an alert or request additional authentication for a new login," said Unit 42 in a blog post on Thursday. 

However, if an authentication cookie is also provided along with the user name and password, the website might believe the session is associated with a previously authenticated system host and not issue an alert or request additional authentication methods.

Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.

RECOMMENDED STORIES

https://www.zeebiz.com/personal-finance/news-retirement-corpus-planning-sip-swp-monthly-pension-mutual-fund-investment-calculator-inr-rs-15000-investment-for-25-years-and-152000-income-in-month-for-30-years-tips-strategy-324109

Retirement Planning: SIP+SWP combination; Rs 15,000 monthly SIP for 25 years and then Rs 1,52,000 monthly income for 30 years

https://www.zeebiz.com/personal-finance/news-top-gold-etf-vs-large-cap-mutual-fund-sip-cagr-10-year-return-calculator-which-has-given-higher-return-on-inr-rs-1100000-investment-ntpc-hdfc-bank-aum-nav-324073

Top Gold ETF vs Top Large Cap Mutual Fund 10-year Return Calculator: Which has given higher return on Rs 11 lakh investment; see calculations

https://www.zeebiz.com/personal-finance/news-retirement-planning-corpus-monthly-sip-investment-calculator-40-years-of-age-inr-rs-50000-expenses-what-will-be-retirement-money-inflation-rate-of-return-tips-strategy-324093

Retirement Calculator: 40 years of age, Rs 50,000 monthly expenses; what should be retirement corpus and monthly investment

https://www.zeebiz.com/personal-finance/photo-gallery-sbi-444-day-amrit-vrishti-fd-vs-union-bank-of-india-sumvridhi-333-day-fd-maturity-return-interest-rate-calculator-amount-on-inr-rs-400000-lakh-and-800000-investment-for-general-senior-citizens-324056

SBI 444-day FD vs Union Bank of India 333-day FD: Know maturity amount on Rs 4 lakh and Rs 8 lakh investments for general and senior citizens

https://www.zeebiz.com/personal-finance/news-epfo-vs-sip-vs-ppf-retirement-planning-corpus-interest-rate-maturity-calculator-inr-which-can-create-highest-fund-on-inr-rs-12000-monthly-investment-80c-tax-benefits-mutual-fund-equity-debt-hybrid-324023

EPF vs SIP vs PPF Calculator: Rs 12,000 monthly investment for 30 years; which can create highest retirement corpus

https://www.zeebiz.com/personal-finance/news-home-loan-emi-interest-rate-repayment-vs-mutual-fund-sip-calculator-inr-rs-7000000-home-loan-emi-or-monthly-investment-for-10-years-which-can-be-easier-route-financial-planning-tips-strategy-323832

Home loan EMI vs Mutual Fund SIP Calculator: Rs 70 lakh home loan EMI for 20 years or SIP equal to EMI for 10 years; which can be easier route to buy home; know maths

https://www.zeebiz.com/personal-finance/photo-gallery-power-of-compounding-interest-mutual-fund-sip-retirement-corpus-planning-calculator-how-many-years-it-will-take-to-reach-inr-rs-20000000-with-3000-4000-and-5000-monthly-investment-market-linked-return-323948

Power of Compounding: How many years it will take to reach Rs 2 crore corpus if your monthly SIP is Rs 3,000, Rs 4,000, or Rs 5,000

https://www.zeebiz.com/personal-finance/news-new-credit-card-rule-from-november-1-sbi-icici-bank-change-rules-check-details-324078

New Credit Card Rules From November 1: SBI, ICICI Bank change rules - Check details

https://www.zeebiz.com/markets/stocks/news-anil-singhvi-bets-on-stocks-across-banking-chemical-pharma-for-samvat-2081-hdfc-bank-sequent-scientific-abfrl-aarti-industries-epack-durable-324207

Anil Singhvi's 5 stock ideas for Samvat 2081 for stellar gains

https://www.zeebiz.com/personal-finance/photo-gallery-power-of-compounding-interest-sip-retirement-corpus-calculator-how-much-fund-can-inr-rs-10000-monthly-investment-generate-in-20-30-40-years-mutual-fund-systematic-investment-plan-324076

Power of Compounding: How much corpus can Rs 10,000 monthly SIP generate in 20, 30, and 40 years

Written By: IANS
Updated: Fri, Feb 01, 2019
12:25 PM IST
San Francisco, IANS
RELATED NEWS
57% of all fraud incidents in India now 'platform' frauds: Report 57% of all fraud incidents in India now 'platform' frauds: Report
How to prevent phishing and email scams - Top tips | Don't fall prey to online scams How to prevent phishing and email scams - Top tips | Don't fall prey to online scams
'Think before your click!' Why SBI says this to its customers? Check details here 'Think before your click!' Why SBI says this to its customers? Check details here
Warning from Modi government! Large-scale cyber attacks using COVID-19 as bait - What you must know Warning from Modi government! Large-scale cyber attacks using COVID-19 as bait - What you must know
Income Tax Refund ALERT! Beware - Did you get this SMS? You will lose your hard-earned money if you do this Income Tax Refund ALERT! Beware - Did you get this SMS? You will lose your hard-earned money if you do this

By accepting cookies, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.

x