Scanning Web Cookies – Kaspersky on Keeping You 100% SecuredDonna Marie Padua
You see them every time you open websites – pop ups asking you to allow cookies on your web browser. But what are cookies? Why do you need to accept web cookies? Why do experts have warnings against letting cookies in your browser?
A cookie is a text file that a Web site can install on your computer. Cookies enable a Web site to tailor pages presented to you by storing information about you in the cookie text file. The Web site can remember you for easy navigation and access during your return visits for products, services, and content. Advertisers may use this information to understand your Web surfing habits. Cookies are only text files and are NOT worms, viruses, or directly malicious, but they may have privacy implication.
Tracking Cookies are a specific type of cookie that is distributed, shared, and read across two or more unrelated websites for the purpose of gathering information or potentially to present customized data to you.
But not all cookies are tracking cookies. Tracking cookies are not harmful like malware, worms or viruses, but they can be a privacy concern. As an example, if you go to a Web site that hosts online advertising from a third-party vendor, the third-party vendor can place a cookie on your computer. If another website also has advertisements from the third-party vendor, then that vendor knows you have visited both Web sites.
Are these advertisers directly interested in your specific browsing habits? Most likely, not. The information is collected from over thousands or millions of users to determine overall trends in Web surfing.
Are Cookies Dangerous?
Contrary to what some users may think, cookies are NOT inherently malicious or dangerous. If you run a scan with your antivirus software and you find a tracking cookie, the tracking cookie does not represent a malware infection. These are low to minimal security issues. We have seen many security companies and free “Spyware Removal Tools” emphasize detection of cookies, calling them Spyware and Trackware and stating that you are “infected”, which is most unlikely to be the case. Cookies and the information they store are more related to privacy concerns.
To determine if the privacy concern is an issue for you, you need to decide if the benefits of today’s enhanced Web site customizations outweigh the sensitivity of the information being collected. This is very similar to the power and flexibility of using major search engine technology and giving your frequent shopper card at your local grocery store – each has potential benefits and downsides. A search engine is helpful for quickly and easily finding information, but the search engine companies could potentially know about the types of things you search for and which links you decide to go to.
We have grown accustomed to targeted information being presented to us, but our privacy is what may suffer as advertisers and corporations learn more about our Web surfing habits.
How Can a Cookie Threaten a Computer?
A cookie itself cannot harm the computer, as it does not and cannot hold code (therefore the cookie cannot perform an action itself). However, the cookie can support (help) malicious actions to be taken on the respective system. Even more, being a plain text file, they are vulnerable, meaning that they can be “harvested” by other applications.
Why is it Necessary to Scan Cookies?
As already mentioned the cookies themselves cannot harm the computer. However they can contain certain information to lead a possible attacker to the respective computer. For example: we will consider that an attacker releases a Trojan in the wild in order to gain control over several computers.
This Trojan’s payload contains in dropping a Backdoor (to open a port), changing the homepage of the browser and placing a “malicious” cookie in the browser’s cookie area. When the unsuspecting user launches the browser, then it automatically connects to the new homepage (namely the attacker’s website). Once this is done, the malicious cookie is being read and the attacker becomes aware of the fact that the computer is infected. By knowing this, it becomes a piece of cake to take over the computer using some exploits or the open port.
Let’s say that the user becomes aware of the infection and manages to remove the Trojan and the Backdoor from the computer. However, if the cookie remains on the computer, it can supply information again to the attacker if the user “manages” to access the untrusted web page again. The computer is therefore exposed once again to a possible attack.
As explained in the above scenario, the cookie is used to provide information about a computer but it is not responsible with the attack itself.
So it is always safe to run your antivirus to detect malicious intent. Among the hundred antivirus software out in the market, Kaspersky is always on the top 10 software pronounced by AV testing labs. Kaspersky antivirus software has scan features that can detect hidden threats, making web cookie scan highly successful.
Kaspersky Online Threat Detection
Kaspersky antivirus software‘s malware aced the most-recent tests by the three malware labs whose results we use, delivering excellent protection without any false positives.
Kaspersky antivirus got perfect 100% detection scores in both the zero-day and widespread malware categories that German lab AV-Test surveyed in May and June 2019. Norton, Trend Micro and Microsoft Defender matched those scores, although Norton racked up three false positives while the others had none.
In all of AV-Test’s bimonthly evaluations dating back to January 2017, Kaspersky failed to get a perfect score only once in 60 tests. Kaspersky was also perfect in Austrian lab AV-Comparatives’ February-May 2019 tests, detecting 100% of online malware with no false positives.
Finally, London-based SE Labs gave Kaspersky (along with ESET, Microsoft and Norton), its highest rating in tests conducted from April through June 2019. Each detected 100% of malware without any false positives, although Microsoft arguably won by a hair because the other three neutralized rather than blocked 1% of malware.
Other Types of Malicious Attacks Using Cookies
When talking about cookies it’s important to know how to protect cookies from other cookies or applications or how to protect a computer against cookie attacks. Due to the fact that cookies are necessary for browsing or the fact that the cookie traffic is invisible to the computer user, a “cookie control” module is needed to help the user. BitDefender Internet Security detects both viral and spyware attacks using the signature based mechanism. This feature is included in the default configuration of the product so that the customers are not required to perform further actions for this matter.