Facebook has long been a target for malware scams intended to steal users’ data, but a new scheme has emerged that preys upon an often-overlooked part of the web experience — our browser cookies.

According to security firm Kaspersky, they’ve uncovered a new family of malware programs dubbed Cookiethief. These programs work by stealing users’ browser cookies — normally considered harmless — and then using them to impersonate Facebook account holders. The researchers also found a second branch of the attack that creates a proxy on the victim’s device to make their requests appear legitimate to Facebook. However, the team said that there does not appear to be a vulnerability in Facebook itself that these hackers are exploiting.

“By combining these two attacks, cybercriminals can gain complete control over the victim’s account and not raise suspicion from Facebook,” the Kaspersky researchers said. “From there, the criminals can pose as the victim and take control of their social networking account to distribute undesirable content.”

It’s difficult to defend yourself against hacks like this, but it can help to take common security measures like turning on two-factor authentication and simply being careful about what content you click and share on your feed. These safeguards aren’t perfect, but we ultimately have to look after ourselves when it comes to our digital security.

Recommended Resources

The Choice of Tech Experts Worldwide. Try 90 days free of Bitdefender 2020 and experience the highest level of digital safety.

Private Internet Access is an award-winning, cost-effective VPN solution. The use of an anonymous and trusted VPN is essential to your online privacy, security and identity protection.

System Mechanic 14 – Make your computer run like new. Winner of 200+ Editor’s Choice awards!