Normally hackers put their sights on what has more users. It is a way to ensure a greater probability of success, logically. Today we echo a new threat that puts the personal data of Facebook and Amazon users at risk. It is a Trojan that is distributing and is able to steal session cookies from both the Facebook and Amazon social network .
PDFreader, the Trojan that steals cookies from Facebook and Amazon
This is PDFreader , a Trojan that has been detected by MalwareHunterTeam and is designed to steal session cookies from Facebook and Amazon. As we know, it is one of the most popular and used social networks, as well as one of the most important e-commerce companies today.
This Trojan is also able to steal confidential data from the Facebook ad manager. It is distributed as a PDF reader, but in reality it is malicious software that aims to scam users who install it.
According to security researchers, this Trojan has similar characteristics to other Trojans for the same purposes. This makes researchers believe that it is really a new and improved variant.
The Trojan accesses the SQLite Cookies database in both Firefox and Chrome and in this way can steal Facebook cookies. This is your first option, but you will also be directed to the social network ad manager. From here, once you connect to Facebook, start the process to extract information from a series of URLs.
Stolen data consists of session cookies, access tokens, account identifiers, email address, pages or even bank card, paypal or ad balance data. All of that is sent to a server controlled by the attackers.
Steal Amazon session cookies
But it doesn’t just focus on Facebook, as we have seen. This Trojan called PDFreader also points to Amazon session cookies . Although it is not your main objective it will try to collect information from this e-commerce platform.
In this case, it simply attacks Amazon session cookies . I could access all the information regarding the account of this platform.
It is usually distributed through fake messages where we are invited to download a program to read PDF. It appears in illegitimate places or that have previously suffered an attack. Keep in mind that this Trojan acts silently and in the background, so we will not know that it is really acting.
Our advice is always to download software from official sites. Avoid third-party sites that may compromise our security. In the same way it is important to have security tools that can protect us, as well as to have the latest patches and updates available. Only in this way can we avoid possible vulnerabilities that can be exploited.