Professor
Professional
- Messages
- 589
- Reaction score
- 519
- Points
- 93
NordVPN analysts estimate that billions of stolen cookies are being sold on the dark web and Telegram. Around 7-9% of these cookies are still active and can be used by attackers.
According to researchers, criminals can currently purchase more than 93.7 billion cookies online.
NordVPN warns that the vast majority of stolen cookies (90.25%) contain identification data that is intended to identify users and deliver targeted advertising. Cookies may also contain data such as names, home addresses and email addresses, location data, passwords, phone numbers. However, it is noted that such information is present in only 0.5% of all stolen cookies.
Cookies can also contain information about user sessions. According to experts, more than 1.2 billion such files are still active (about 6% of the total), and they are generally considered the most serious problem.
Cybercriminals can use session cookies to impersonate other people on websites, authenticate to various services without using credentials, and in many cases bypass multi-factor authentication. Therefore, session cookies are very attractive to cybercriminals, who can use them to collect information from mailboxes, banking applications, corporate systems, and so on.
Cookies most often fall into the hands of criminals thanks to infostealers. The leader in this area, according to researchers, is the Redline stealer (44% of all detected cookies were associated with it). The second, third and fourth places on the list are occupied by Vidar, LummaC2 and Meta, although law enforcement agencies have taken action against the last two (as well as against Redline).
The cost of accessing these malicious tools is relatively low considering how much profit can be made from stealing users' digital assets. Lumma, for example, can be purchased for as little as $250, while Redline and Meta cost only $150 for the basic set of features.
Experts also recommend regularly updating devices and installing the latest patches on them if the priority is to prevent infection with stealers and other malware. It would also be a good idea to regularly clear your browser history and delete unnecessary cookies.
(c) Source
According to researchers, criminals can currently purchase more than 93.7 billion cookies online.
NordVPN warns that the vast majority of stolen cookies (90.25%) contain identification data that is intended to identify users and deliver targeted advertising. Cookies may also contain data such as names, home addresses and email addresses, location data, passwords, phone numbers. However, it is noted that such information is present in only 0.5% of all stolen cookies.
Cookies can also contain information about user sessions. According to experts, more than 1.2 billion such files are still active (about 6% of the total), and they are generally considered the most serious problem.
Cybercriminals can use session cookies to impersonate other people on websites, authenticate to various services without using credentials, and in many cases bypass multi-factor authentication. Therefore, session cookies are very attractive to cybercriminals, who can use them to collect information from mailboxes, banking applications, corporate systems, and so on.
Cookies most often fall into the hands of criminals thanks to infostealers. The leader in this area, according to researchers, is the Redline stealer (44% of all detected cookies were associated with it). The second, third and fourth places on the list are occupied by Vidar, LummaC2 and Meta, although law enforcement agencies have taken action against the last two (as well as against Redline).
The cost of accessing these malicious tools is relatively low considering how much profit can be made from stealing users' digital assets. Lumma, for example, can be purchased for as little as $250, while Redline and Meta cost only $150 for the basic set of features.
Experts also recommend regularly updating devices and installing the latest patches on them if the priority is to prevent infection with stealers and other malware. It would also be a good idea to regularly clear your browser history and delete unnecessary cookies.
(c) Source
