54 billion cookies on the dark web. Pirates take important personal data

There are more than 54 billion cookies on the dark web. The number is frightening but real.

Brazil leads the way with over 2 billion, ahead of India and Indonesia.

Out of 244 countries/territories, Portugal was in 27th place with almost 223 million cookies, 28% of which were active.

The accounting comes from a study by NordVPN, a VPN service provider, which compiled data with independent experts - who used data collected from Telegram channels where hackers post the stolen information for sale.

Cookies are not cookies to eat, in this case. They are small text files containing fragments of data - often usernames and passwords - used to identify a computer while browsing the Internet.

On the one hand, they are essential, almost indispensable for surfing the net; websites already have information stored about the user, about their preferences.

On the other hand, cookies are one of the main weapons for hackers to steal data and gain access to protected systems.

And many people don't know what they're doing when they click "accept all cookies".

What's the danger? "Many people don't realize that if a hacker gets hold of your active cookies, they may not need your login details, passwords or even MFA (multi-factor authentication) to take control of your accounts," says Adrianus Warmenhoven, cybersecurity consultant at NordVPN.

Cookies carry another risk: that of having other confidential information, such as names or location.

Of the 54 billion cookies analyzed, 17% were active. In other words, more than 9 billion active cookies. The majority (2.5 billion) on Google, followed by 692 billion on YouTube and 500 million on Microsoft and Bing.

"Cookies from these large accounts are especially dangerous because they can be used to access other login information, for example by retrieving keywords, business systems or SSO," notes Adrianus Warmenhoven, in a statement sent to ZAP.

Hackers can get sensitive information through cookies: name, email, city, password and address were very common data in this analysis.

"If you combine this information with information on age, height, gender or orientation, you get a very intimate picture of the user, which can give rise to fraudulent schemes or targeted attacks," warns Adrianus Warmenhoven.

To avoid serious problems, there are some essential security steps to take: regularly deleting cookies, paying attention to the files you download and the websites you visit.