Every time you visit a website such as Yahoo, Google, Microsoft or your favourite shopping site a cookie is left behind in your browser. This in itself is a harmless text file that merely stores information about your visit, your login and use of the site. Most websites force the use of cookies so it is not feasible to turn off cookies in browser settings. Deleting your browser cache when you close your browser removes some simple cookies but not persistant cookies.

So what’s the danger of a text file with no ability to run a program (executable)? A cookie can contain information useful to an attacker to enable the computer to be re-infected when the original virus infection is removed. Being an insecure text file cookies can easily be harvested by malicious programs. When a virus or backdoor trojan infects a computer it will install a malicious cookie, in part to facilitate re-infection in the future, particularly if the user visits one of the websites where the original infection came from.

Virus analysts have also identified exploits in common browsers where information can be harvested from cookies to gather login information to various websites the customer is using.

Currently, the best antivirus program that scans for and removes malicious text files such as cookies is Bitdefender. You can download a copy here.