Malware Cookies?

malware cookies?

 

maybe, as in the cookies that are not wanted or associated with malware etc etc

 

http://www.pandasecurity.com/homeusers/security-info/classic-malware/others/

 

i disagree with the above statements as i received those cookies visiting well known trusted websites and even if i did visit dodgy sites the cookies listed in that log are not harmful in any way.

with regards to this quote

that analogy can be applied to any file on ones computer. personally i just think its scare mongering as that result log is from panda's online scanner and the same system scanned with panda cloud did not class the cookies as malware as there is no need to scare monger when a client is already using panda cloud

but hey, what do i know

 

Many people probably don't know about the existence of cookies (web browsers do allow them by default... so... ), and millions of users could have their systems infested with tracking cookies?

Maybe they shouldn't be tagged as being malware. But, maybe it comes from maliciously aware - tracking companies are maliciously aware that they're tracking you.

 

You certainly don't have to visit dodgy sites to pick up cookies from third party advertising firms that use those cookies to track your web wanderings and profile you. On one hand the term 'malware' doesn't seem to fit well, but on the other hand such cookies are most definitely considered harmful to those attempting to minimize their exposure to such tracking and profiling.

 

i have third party cookies disabled so is it possible that they still got through? however i understand the word malware means (malicious software) and i would never class cookies as malware no matter how paranoid i am.

cheers for the info fellas

 

That's makes it fun and interesting. You have a mystery to solve

If you (still) have them I would inspect them in order determine if they are in fact ordinary cookies (vs local storage object, flash LSOs) and what domains they were set for.

I would probably try to find a sophisticated third-party cookie setting test tool and make sure you browser passes all of the tests.

It wasn't long ago that there were various reports about Google and other's bypassing third party cookie blocking features of some browsers. You might look into if/how yours was involved.

If you are using Windows and those were IE cookies, perhaps it is possible you acquired them when a program on your computer used the Web Browser Control(?).

Perhaps you got hit when clicking on an ad, clicking on a switcheroo link, something like that?

I can't think of one off the top of my head, but maybe there is a cookie blocker that allows you setup a trigger to detect the setting of a cookie for a specific domain and it will alert you if that specific trigger fires. You could set one up and see if you can zero on in specifically what causes you to get the cookie of interest. Without having to endure alerts for cookies that aren't of interest.

 

Not that long ago... Shameful behavior!

You know, there's something rather funny with Internet Explorer 9 and Tracking Protection Lists... or maybe something else was involved... No idea... But, the other day I was making some search in a relative's laptop, using Internet Explorer 9 with a few TPLs.

I know that if you have all cookies blocked, but if a TPL allows communication to a given domain, then the cookie will still be set.

I don't know if it was related to this, as I still didn't have time and availability to research all the TPLs in my relative's laptop, but I went to -https://secure.dshield.org and according to their own test, and according to IE's own privacy tool, cookies were being allowed from -https://secure.dshield.org

Even after explicitely adding the domain to the blocked sites cookie list, it still allowed the cookies.

On the other hand, with Chromium such does not happen. Both Chromium and DShield own test tool reveal cookies as not being set. As it should happen.

 

Not that we have all this free time to test everything, but you do have to test stuff to know if it really works as advertised and make sure no bugs have crept in. I'm glad you mentioned IE TPLs because I haven't been keeping abreast of their evolution and one of these days I should figure out if what I do on the FF side can be duplicated on the IE side. That will now be... crap... item #65 on my todo list.

 

what about using a host file like mvps

 

I explicitly block cookies from bing.com and have never had a Bing cookie set on my machine. Or are you trying to say you had a TPL that allowed content from dshield.org? That wouldn't matter at all because TPL's don't kick in for first party content.

If it makes a difference: My cookie handling is set to custom: Allow 1st party, block 3rd party.

 

As I mentioned, I didn't have time to research if any of the TPLs have any dshield entry (Fanboy's TPLs). But, from what I could verify moments ago, it doesn't have any *.dshield.org entry. Which would be odd if any entry was there, because as you pointed out, TPLs will only block third-party content.

So, the issue is another one.

All cookies are being blocked in IE9, but I could see that dshield had set cookies, by checking IE9's own privacy tool functionality (I don't know the exact name lol, but you probably know what I'm talking about). Even after blocking using IE9's tool to prevent the cookies from being set, they were still being set. I even cleaned temporary internet files and reopened IE9. The cookies were still being set.

In fact, when going to here -https://secure.dshield.org/tools/browserinfo.html I could see that it reported that it set cookies as well.

Even after explicitely blocking the domain names related to dshield. Pretty crazy.

With Chrome it didn't happen. (I also checked it on my relative's system at the time.)

 

IIRC, there was once a time when IE's cookie blocking feature only blocked the setting of cookies and not the sending of already set cookies. I don't know if that still applies or relates to what you are saying, but I thought I'd mention it.

 

I just finished retesting it a few seconds ago, and this time IE9 blocked the cookies without problems.

Not sure what happened the other day.

Anyway, but anyone using Tracking Protection Lists should be aware that, even if they're blocking third-party cookies, if a TPL allows connections to such third-party domains, the cookies will be allowed. Unless Microsoft changed that behavior, of course.

 

Just Marketing tactics?

 

malware or not I love cookies......I have them for breakfast....

 

Can't say that's the healthiest start to the day!