AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

Cookie Crimes and the new Microsoft Edge Browser

infonews

security

Source: Embrace The RedMay 1, 2020

Summary

Cookie Crimes is a known attack technique that exploits Chrome's remote debugging feature (a tool that lets developers control browsers from a distance) to steal cookies (small files that store login information and user data). Because Microsoft's new Edge browser is based on Chromium (the open-source code that powers Chrome), the same Cookie Crimes attack works on Edge with only minor changes, like replacing "chrome.exe" with "msedge.exe".

Solution / Mitigation

Blue teams should look for command line arguments like --remote-debugging-port and custom --user-data-dir to detect potential misuse of this feature in both Chrome and Edge. The author also suggested adding detections for this attack technique to Windows Defender, and notes that "there are more mitigation ideas in the previous blog post about Chrome" which readers should reference.

Classification

Attack SophisticationModerate

Original source: https://embracethered.com/blog/posts/2020/cookie-crimes-on-mirosoft-edge/

First tracked: February 12, 2026 at 02:20 PM

Classified by LLM (prompt v3) · confidence: 95%