From kalilinuxtutorials.com
![EvilApp : Phishing Attack Using An Android Application](https://i1.wp.com/1.bp.blogspot.com/-kOSn2ZD-Ieg/XsytZfh35AI/AAAAAAAAGfw/Jkg43SZvIXIorNC8Mo45LBw7i8UTfP2AwCLcBGAsYHQ/s1600/EvilApp%25281%2529.png?w=640&ssl=1)
Man-in-the-middle phishing attack using an Android app to grab session cookies for any website, which in turn allows to bypass 2-factor authentication protection. EvilApp brings as an example the hijacking and injection of cookies for authenticated Instagram sessions.