Pass-the-Cookie Attack
This is particularly relevant at this time of year when individuals access various sensitive accounts to prepare for filing taxes.
A newly identified malware attack poses a significant threat by hijacking accounts through the use of expired cookies stolen from web browsers. Even with robust security measures such as strong passwords and Multi-Factor Authentication (MFA), attackers can gain unauthorized access to accounts from different locations.
How pass-the-cookie attacks operate
A prevalent example of cookie hijacking occurs when a cybercriminal pilfers a user's cookie containing login credentials. Subsequently, these credentials are exploited to gain unauthorized access to the user's account. Cookies can be stolen through various means, including clicking on a link in an email (notably affecting Gmail in Chrome) or interception on an insecure (WiFi) network with malware installed on the victim's computer.
Google Chrome vulnerability
It is noteworthy that, as of now, there have been no reported compromises involving Apple computer users. However, victims seem to share the commonality of using the Google Chrome browser. While cookies streamline user experiences, they inherently carry a vulnerability. If a malicious actor extracts the right browser cookies, they could authenticate as another user in a separate web browser session on a different system, bypassing Multi-Factor Authentication.
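A server-side check for the cookie reuse described above, as an added example that is not part of the original article: it binds each session cookie to the network and browser seen at MFA login and flags later use from elsewhere. The log format, the function names, the /24 tolerance and the severity labels are assumptions, and the log lines are constructed.

```python
import ipaddress

# Constructed sample log (not real data): time, session id, client IP, user agent, event
SAMPLE_LOG = """\
2024-03-01T09:00:00Z,sess-a1,203.0.113.10,Chrome/122 Windows,login_mfa_ok
2024-03-01T09:05:00Z,sess-a1,203.0.113.10,Chrome/122 Windows,request
2024-03-01T09:07:00Z,sess-b2,198.51.100.7,Safari/17 macOS,login_mfa_ok
2024-03-01T09:20:00Z,sess-a1,192.0.2.55,Firefox/123 Linux,request
2024-03-01T09:21:00Z,sess-b2,198.51.100.23,Safari/17 macOS,request
2024-03-01T09:25:00Z,sess-b2,203.0.113.200,Safari/17 macOS,request
2024-03-01T09:30:00Z,sess-c3,192.0.2.99,Chrome/122 Windows,request
"""

def network_of(ip, prefix=24):
    """Coarse location key: the /24 the client sits in (assumed tolerance for DHCP churn)."""
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)

def find_cookie_reuse(log_text):
    """Flag requests whose session cookie is used away from where the MFA login happened."""
    bound = {}      # session id -> (network, user agent) recorded at MFA login
    findings = []
    for line in log_text.strip().splitlines():
        ts, sid, ip, agent, event = line.split(",")
        net = network_of(ip)
        if event == "login_mfa_ok":
            bound[sid] = (net, agent)
            continue
        if sid not in bound:
            # Cookie presented with no login in the log window: cannot be verified.
            findings.append((ts, sid, "unbound"))
            continue
        home_net, home_agent = bound[sid]
        if agent != home_agent:
            # A different browser holding the same cookie is the pass-the-cookie pattern.
            findings.append((ts, sid, "high"))
        elif net != home_net:
            # Same browser, new network: may be roaming, so ask for MFA again.
            findings.append((ts, sid, "reauth"))
    return findings

if __name__ == "__main__":
    for finding in find_cookie_reuse(SAMPLE_LOG):
        print(finding)
```

A service that acts on the "high" and "reauth" findings by ending the session or asking for MFA again makes a copied cookie useless on the second system.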
Recommendations for secure practices:
Consider avoiding the use of Google Chrome or Chromium-based web browsers.
Refrain from opening emails in Gmail.com, especially when using Google Chrome.
Routinely delete cookies, especially before and after accessing sensitive websites.
Avoid using public WiFi networks without a VPN.
Conduct regular malware scans on your computer.
Chrome vs Chromium
There are many browsers on the market today, but Google Chrome dominates the global browser market. Chrome is a web browser developed by Google, whereas Chromium is an open-source software project, also created by Google, whose source code serves as the foundation for many other popular browsers. Chromium vs. Chrome is a common debate. Even though their names look similar and they are built by the same developer, they differ in many ways.
Examples of Chromium-based web browsers:
Opera
Brave
Vivaldi
Microsoft Edge
Refrain from opening emails in Gmail.com
Some people really like using the web version of Gmail in a web browser at www.gmail.com. There is a risk that by clicking on a link or opening a file while on the Gmail website, the session cookies are stolen and sent to the criminals. So far it appears that Chrome-based web browsers are vulnerable.
It’s safer and in my opinion more convenient to use an email client like Apple Mail, Outlook, Thunderbird or any other program that downloads the emails to your computer.
Routinely delete cookies
A comprehensive approach is to use CleanMyMac X and use the options under Privacy to clean out the various web browsers. It also has a decent Malware removal tool and does a great job in maintaining your Mac in general.
Chrome:
Click on the 3 dots in the upper right corner
Clear Browser Data
Change “Time Range” to all time
Click “Clear data” button
Safari:
Click on “Safari” in the menu bar
Select Settings…
Privacy
“Manage website data…”
Wait, be patient!
Delete all data
Don’t use public WiFi networks without a VPN
When using WiFi in a hotel, coffee shop or, strangely enough, an airport lounge, encrypt your internet traffic by using a VPN that not only hides your location but also actively filters the network for malicious websites. Or skip the WiFi, hotspot your Mac to your iPhone and use the cellular network.
Recommended VPN providers:
Doesn’t keep logs and offers a private IP address, which can help with being rejected by some banks and websites. Make sure to enable PIA Mace under privacy settings to block advertisements, known bad websites, etc.
Based in Switzerland, they don't keep logs but don't offer a private IP address. However, they do provide a wide selection of options to block malware, ads, and bad websites, etc.
Conduct regular malware scans on your computer
First of all, keep your Mac, iPhone and iPad up to date by installing software updates. Second, it is a good precaution to install a malware / antivirus tool.
Recommended software:
Malwarebytes (only the free version!)
CleanMyMac X also includes a Malware removal tool
Avoid Norton and McAfee !!!