
Irish Information Security Forum

Cyber Alert: Stealing Cookies to Bypass Multifactor Authentication

ALERT!: Release date: 05-Nov-24


The FBI has recently issued a cyber alert warning about the increasing use of cookie theft to bypass MFA, a method that poses significant risks to both individuals and organizations.


When users log into a website and opt to stay signed in, a session cookie is created and stored in their browser. This cookie contains authentication information that tells the site the user has already logged in, so they can stay signed in without re-entering their credentials. Cybercriminals have found ways to steal these cookies, enabling them to impersonate the user and gain unauthorized access to accounts without needing to pass through MFA again: the cookie is presented after MFA has already been completed, so the site has no reason to ask for it a second time.


Common cookie theft mechanisms


  • Phishing Attacks: Attackers often use phishing emails to trick users into clicking on malicious links or downloading malware that can extract cookies from their browsers.
  • Malware: Installed surreptitiously on a victim's device, malware can search for and steal session cookies.
  • Man-in-the-Middle Attacks: In some cases, attackers intercept the communication between the user and the website, capturing the session cookie in transit.


To protect against cookie theft, the following mitigation strategies can be used:


  • Use Security Software: Ensure all devices have up-to-date security software that can detect and block malware.
  • Regularly Update Software: Keep all applications and operating systems updated to patch known vulnerabilities.
  • Limit "Remember Me" Usage: Be cautious about using the "Remember me" option on websites, especially on shared or public devices.
  • Clear Cookies Regularly: Delete cookies from your browser periodically to minimize the risk of theft.
  • Educate Users: Train employees and users to recognize phishing attempts and other social engineering tactics.
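The advice above is aimed at users; the server side can also limit what a stolen cookie is worth. The following is an added illustration, not code from the FBI alert or from IISF: a minimal session handler that sets the cookie attributes which block capture over plain HTTP and by page scripts, gives "remember me" sessions an absolute lifetime, and forces a fresh MFA when a valid cookie arrives from a client that differs from the one that passed MFA. All function names, timeouts and the in-memory store are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
import time

# Constructed in-memory store for the example: session id -> session record.
SESSIONS = {}
ABSOLUTE_LIFETIME = 12 * 3600   # assumed policy: even "remember me" sessions end after 12 h
IDLE_TIMEOUT = 30 * 60          # assumed policy: 30 min without activity ends the session


def client_fingerprint(ip, user_agent):
    """Hash of the client context the session is bound to when MFA is passed."""
    return hashlib.sha256(f"{ip}|{user_agent}".encode()).hexdigest()


def create_session(user, ip, user_agent, now=None):
    """Called only after password + MFA succeed; returns the new session id."""
    now = time.time() if now is None else now
    sid = secrets.token_urlsafe(32)          # 256 bits of randomness, not guessable
    SESSIONS[sid] = {"user": user, "fp": client_fingerprint(ip, user_agent),
                     "created": now, "last_seen": now}
    return sid


def set_cookie_header(sid):
    """Secure: never sent over plain HTTP (no capture in transit).
    HttpOnly: not readable by page scripts. SameSite=Lax: not sent on cross-site POSTs."""
    return (f"session={sid}; Secure; HttpOnly; SameSite=Lax; "
            f"Path=/; Max-Age={ABSOLUTE_LIFETIME}")


def validate_session(sid, ip, user_agent, now=None):
    """Return (status, user): 'ok', 'expired', 'reauth' or 'invalid'."""
    now = time.time() if now is None else now
    rec = SESSIONS.get(sid)
    if rec is None:
        return ("invalid", None)
    if now - rec["created"] > ABSOLUTE_LIFETIME or now - rec["last_seen"] > IDLE_TIMEOUT:
        SESSIONS.pop(sid)                     # stale cookie is worthless from here on
        return ("expired", None)
    if not hmac.compare_digest(rec["fp"], client_fingerprint(ip, user_agent)):
        # Same cookie, different client: possible replay of a stolen cookie.
        # Invalidate it, record the event, and make the user pass MFA again.
        SESSIONS.pop(sid)
        print(f"ALERT session {sid[:8]}... for {rec['user']} reused from {ip}")
        return ("reauth", rec["user"])
    rec["last_seen"] = now
    return ("ok", rec["user"])
```

Binding to the full IP address causes false re-authentication prompts for users behind changing NAT or mobile addresses; a real deployment would pick a looser binding (network prefix, device token) and alert on the mismatch rather than only silently re-prompting.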


As cyber threats continue to evolve, staying informed and proactive is crucial. The recent FBI alert about cookie theft to bypass MFA serves as a reminder of the importance of robust security practices. By understanding the threat and implementing effective mitigation strategies, individuals and organisations can better protect against this risk.


Read more about common MFA methods and their relative security here.


Read the FBI notice

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2
