A new report from NordVPN reveals a disturbing 74% spike in stolen browser cookies, with cybercriminals amassing over 94 billion cookies — a sharp warning for online users.
These small files, which enhance browsing by storing login data and preferences, are now being exploited as digital keys by hackers to bypass traditional login systems.
Alarmingly, over 20% of these stolen cookies remain active, allowing direct access to user accounts.
Countries like India, Brazil, Indonesia, and the U.S. have been hit the hardest. Tech giants including Google (4.5 Billion cookies stolen), YouTube (1.33 Billion), Microsoft (1.1 Billion), and Bing (1 Billion) have seen massive breaches.
The most targeted data includes session IDs and assigned user IDs, essential for maintaining logged-in sessions.
The surge is driven by 38 malware types — three times more than last year — with Redline, Vidar, and LummaC2 leading the pack.
These info-stealers rapidly extract credentials while evading detection, fuelling identity theft, financial fraud, and widespread account takeovers.
Cybersecurity experts warn users to treat cookies as a real threat.
They recommend enabling MFA, avoiding suspicious links, using strong, unique passwords, keeping software updated, and regularly clearing cookies — as even closed browsers may leave sessions exposed.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
