Cybersecurity experts have raised alarms over a significant data privacy risk following a recent investigation revealing that over 93.7 billion stolen internet cookies are being sold on the dark web. This alarming report from NordVPN, in collaboration with threat exposure management platform NordStellar, showcases the extent to which cybercriminals exploit web cookies—small files used by websites to store user browsing data.
Research conducted between April 23 and April 30, 2025, details how the analysis of Telegram channels amassed a staggering dataset of 94 billion cookies. By examining these cookies, researchers identified key metrics including the cookies’ status, country of origin, and the type of malware used for theft. Importantly, they did not purchase these cookies nor delve into their contents.
Among the data uncovered, significant threats emerged with personal identifiers attached to 18 billion cookies being linked to assigned IDs and roughly 1.2 billion associated with session identifiers. This information is crucial as a stolen session ID allows cybercriminals immediate access to user accounts, potentially without requiring a password. Alarmingly, 15.6 billion of these compromised cookies remained active, heightening the risk for users.
The breach predominantly involved major online platforms, with Google services responsible for approximately 4.5 billion stolen cookies, while YouTube and Microsoft each accounted for over a billion. Various types of malware, particularly infostealers, trojans, and keyloggers, were used in these thefts, with a significant portion attributed to the Redline malware.
As the cyber threat landscape evolves, cybersecurity experts advise users to adopt protective measures against this growing vulnerability. Adrianus Warmenhoven of NordVPN states, “Cookies may seem harmless, but in the wrong hands, they’re digital keys to our most private information.” As such, it becomes crucial for users to regularly clear browser cookies, reject unnecessary tracking cookies, and utilize security tools such as VPNs and anti-malware software to safeguard their data.