Over 54 Billion Cookies Found Leaked To The Dark Web
Cybersecurity Tools Can Nix Malicious Activities
A new study has revealed a staggering figure: over 54 billion cookies have been leaked on the dark web. While cookies are commonly associated with web browsing, hackers’ exploitation poses significant risks to user privacy and security.
The leaked cookies, originating from more than 150 countries worldwide, underscore the global prevalence of this cybersecurity threat. Notably, Brazil, India, and Indonesia topped the list of countries with the most leaked cookies, highlighting the extensive reach of these malicious activities.
The Middle East region did not rank among the worst affected, but over 30% of stolen cookies remain active in the area.
According to the study by independent researchers and NordVPN, this suggests a significant risk to user privacy and underscores the urgent need for heightened cybersecurity measures.
Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, explained the potential dangers of stolen cookies.
“Many individuals view cookies as a necessary inconvenience online, failing to recognise their susceptibility to exploitation. In the wrong hands, active cookies can grant unauthorised access to user accounts without login credentials or multi-factor authentication (MFA),” Warmenhoven warned.
Attractive To Hackers
What exactly are cookies, and why do hackers prize them?
Warmenhoven explained: “Cookies are unique identifiers that facilitate user authentication and website session management. When a user logs in, the server assigns a cookie, enabling seamless recognition upon subsequent visits. However, if these cookies are stolen, malicious actors can exploit them to gain illicit access.”
Analysing the nature of the leaked cookies, Warmenhoven stressed the substantial volume of personal data at stake. Furthermore, cookies associated with significant platforms such as Google and Microsoft pose heightened security concerns, as they could be leveraged to access sensitive information.
The dataset contained over 2.5 billion cookies from Google, 692 million from YouTube, and 500 million from Microsoft and Bing.
The largest keyword category (10.5 billion) was ‘assigned ID,’ followed by ‘session ID’ (739 million). These cookies are assigned or connected to specific users to keep sessions active or identify them on the website to provide services. These were followed by 154 million authentication and 37 million login cookies.
Name, email, city, password, and address were most common in the personal information category.
“If you combine all of these details with age, size, gender, or orientation, you will get a very intimate picture of the user, which can allow for well-targeted scams or attacks,” said Warmenhoven.
The study also shed light on the methods employed by hackers to obtain these cookies, with up to 12 different types of malware identified. Redline collected most cookies, which are prevalent infostealers and keyloggers.
Mitigating Risks
In light of these revelations, Warmenhoven recommended proactive measures to mitigate risks associated with cookie theft.
Users can safeguard their privacy by regularly deleting cookies and exercising caution while browsing the internet. Additionally, leveraging cybersecurity tools can provide an added layer of defence against malicious activities.
The study’s data was compiled by independent researchers specialising in cybersecurity incident research. The researchers used data gathered from Telegram channels where hackers advertise what stolen information is available for sale.
This led to a dataset of information about over 54 billion cookies. Researchers analysed whether the cookies were active or inactive, which malware was used to steal the cookies, which country they were from, and what data they contained concerning the company that made the cookies, the user’s OS, and keyword categories assigned to users.
Featured image: Hackers employed up to 12 different types of malware to obtain billions of cookies. Credit: Philipp Katzenberger
