People are at risk of being attacked because of millions of cookies that were exposed on the dark web, which hackers can exploit to circumvent passwords.
Most people consider cookies to be an unpleasant but necessary part of internet browsing.
But now, hackers use them as a vital tool to obtain sensitive system access and steal data.
According to statistics made public by cybersecurity company NordVPN, 14 million of the 54 billion cookies that have been exposed on the dark web are from the UK.
Adrianus Warmenhoven, the company’s cybersecurity advisor, stated: “We see cookies as an essential, if irksome, aspect of using the internet because of the cookie consent popups.”
‘However, many don’t realise that if a hacker gets hold of your active cookies, they might not need to know any logins, passwords, and even MFA to overtake your accounts.’
Cookies are the only way for a device to know who is using it.
‘To put it simply, once the user logs in with a password and MFA, the server gives the user a cookie,’ says Mr Warmenhoven. ‘And the next time the same user comes back with this cookie, the server recognizes the cookie and knows that this user has already logged in – so there’s no need to ask for the same information again.’
This means if an active cookie is leaked online, an attacker could log into your account without a password or MFA.
And cookies can hold much more information than just a username and password.
People’s names, age, gender, locations, orientation and size are among the wealth of data cookies collect.
‘If you combine all of these details, you will get a very intimate picture of the user, which can allow for well-targeted scams or attacks,’ said Mr Warmenhoven.
From the 54 billion leaked cookies analysed, 17% were active – but that rose to 56% of the UK cookies.
More than 2.5 billion of the cookies were from Google, with another 692 million from YouTube and over 500 million came from Microsoft and Bing.
‘Cookies from such core accounts are particularly dangerous because they may be used to access further login details through, for example, password recovery, corporate systems, or SSO,’ said Mr Warmenhoven.
There were 154 million authentication and 37 million login cookies.
NordVPN also found that name, email, city, password and address were
the most common words found in the personal information category.
Around 12 different types of malware were used to steal the cookies, with almost 56% collected by Redline – an information stealer and keylogger.
However, Mr Warmenhoven also shared information on how to protect yourself from a cookie attack.
‘It’s a good idea to regularly delete cookies to minimise available data that can be stolen,’ he said. ‘Also, be aware of files you download and websites you visit – being vigilant can minimise your risk.’
How to clear your cookies
Clearing out your cookies is easy, and can be done on any browser through any device. For Google Chrome and on Safari, the process is a
On Google Chrome:
- Go to the three vertical dots in the top right-hand corner of your browser page
- Go on Settings
- Select Privacy and security
- Click on Clear browsing data
- Check on cookies, and other side data and select the time range you want to clear
- Click on clear data
In Safari:
- Open Safari
- Click on Safari on the Apple menu bar
- Select Settings, then privacy, and then the manage website data
- Click on Remove all
