Site icon WinCert

Dark Web flooded with stolen browser cookies

<p>A new report has uncovered that billions of stolen browser cookies&comma; or small data files used by websites to manage sessions and logins&comma; are circulating on the dark web&period; These files&comma; often overlooked by users&comma; are being exploited by cybercriminals in growing numbers&period;<&sol;p>&NewLine;<p><img class&equals;"alignnone size-full wp-image-4335" src&equals;"https&colon;&sol;&sol;www&period;wincert&period;net&sol;wp-content&sol;uploads&sol;2021&sol;09&sol;hacker-6512174&lowbar;640&period;jpg" alt&equals;"" width&equals;"640" height&equals;"400" &sol;><&sol;p>&NewLine;<p>The research estimates that around 94 billion cookies are currently available in dark web markets&period; A large portion&comma; about 42 billion&comma; was harvested by Redline&comma; a well-known type of malicious software designed to steal data&period; Fortunately&comma; most of these are no longer usable&comma; with only about 6&percnt; still active&period;<&sol;p>&NewLine;<p>Other malware families&comma; such as Vidar and LummaC2&comma; have also contributed billions of stolen cookies&semi; however&comma; only a small percentage remain active&period; The exception is CryptBot&comma; which managed to steal 1&period;4 billion cookies&comma; and shockingly&comma; over 80&percnt; of those are still valid&period; This makes it particularly dangerous&comma; as these cookies can be used immediately by attackers&period;<&sol;p>&NewLine;<p>This isn’t the first time such a threat has been flagged&period; In 2024 alone&comma; 54 billion stolen cookies were found worldwide&comma; and the trend appears to be accelerating&period;<&sol;p>&NewLine;<p>The content of these cookies often includes sensitive data&period; Common terms found in the stolen files include &OpenCurlyDoubleQuote;ID&comma;” &OpenCurlyDoubleQuote;session&comma;” &OpenCurlyDoubleQuote;Auth&comma;” and &OpenCurlyDoubleQuote;login&comma;” indicating that many could allow attackers to take control of active user sessions&period; With this access&comma; criminals don’t need usernames or passwords to break into accounts&period;<&sol;p>&NewLine;<p>The risks are serious&period; Stolen cookies can allow hackers to bypass security checks&comma; hijack social media profiles&comma; evade two-factor authentication&comma; and even access online banking or business platforms&period; In short&comma; what might seem like a harmless file saved by your browser could be a backdoor for cybercrime&comma; especially if it&&num;8217&semi;s still active and tied to your online identity&period;<&sol;p>&NewLine;

Exit mobile version