1.5 Billion Cookies From American Accounts Found on the Dark Web

NordVPN's latest research reveals a staggering leak of 54 billion web cookies, with at least 1.5 billion originating from the United States.

This massive breach exposes a significant vulnerability in digital privacy and security, as cookies—small data files used by websites to remember users and maintain session information—are a prime target for hackers. These files can contain sensitive information, including session identifiers and personal data, making them valuable for cybercriminals seeking unauthorized access to user accounts.

Adrianus Warmenhoven, a cybersecurity advisor at NordVPN, emphasized the critical nature of the issue, pointing out that stolen cookies can allow attackers to bypass traditional security measures such as passwords and multi-factor authentication (MFA), granting them direct access to users' online accounts. The research found that 17% of the analyzed cookies were still active, significantly increasing the risk of account hijacks and personal data exposure.

Among the leaked cookies, those associated with major services like Google and YouTube were deemed especially dangerous due to their potential to unlock further access to users' online presence and sensitive corporate or personal information. The data collected from dark web markets underscored the widespread impact of cookie theft, affecting users worldwide.

NordVPN's investigation, conducted with independent cybersecurity researchers, employed data from Telegram channels used by hackers to trade stolen information. This approach provided insights into the scale of cookie theft, the types of cookies involved, and the malware used to steal them—highlighting the predominance of the Redline info-stealing malware in these activities.

To protect against these threats, NordVPN recommends adopting good digital hygiene practices, such as regularly deleting cookies, exercising caution online, and using security tools from reputable vendors.

Google adds cookies protections on Chrome

In response to the growing threat of cookie theft, Google is pioneering a new security feature called Device Bound Session Credentials (DBSC).

This initiative aims to enhance online security by making stolen cookies useless to attackers. DBSC binds authentication sessions to the user's device, requiring proof of possession of a private key, which is securely stored and hard to export.

This approach not only counters cookie theft but also respects user privacy by ensuring sessions cannot be tracked across different activities. Google's commitment to developing this as an open web standard, with broad industry support, marks a significant step toward a more secure digital environment.

The introduction of DBSC, along with its integration into Chrome and potential application across Google's services, represents a forward-thinking strategy to safeguard user data against the evolving tactics of cybercriminals.