Zombie Cookies

Zombie Cookie Definition
A zombie cookie is a type of persistent cookie that can recreate itself after being deleted. Unlike a regular cookie that stays confined to the browser’s cookie database file, a zombie cookie stores additional data in other locations. This enables the site to recreate the same cookie at a later time and continue tracking the same user’s activity.
How Zombie Cookies Work
When a user visits a site, it makes an entry in the browser’s cookie database. Then, it writes the cookie’s tracking ID into different parts of the browser’s storage. Popular locations include localStorage, IndexedDB, entity tags, or the browser’s memory cache. The next time the same user returns to the site, it checks all these locations. Once it finds a valid tracking ID, it recreates a cookie with the same tracking ID.
Where Zombie Cookie Can Be Used
Zombie cookies are used in the same way as regular tracking cookies. Advertisers use them to track users’ activity to better understand their interests and preferences and to serve targeted ads. Sites can use them to personalize users’ experience across subsequent visits.
How to Remove Zombie Cookies
- Adjust browser settings. Many browsers offer privacy features such as storage partitioning or strict site data blocking that can prevent zombie cookies from writing outside of the cookie database.
- Use browser extensions. Both Chromium- and Firefox-based browsers have extensions that can clear all the locations used for zombie cookies or block them entirely.
- Clear browser cache. Regularly clearing your browser’s cache and other saved browsing data helps remove possible zombie cookie remnants.
Read More
FAQ
No, they’re not. Similarly to viruses, zombie cookies can store pieces of data in different locations and regenerate from those sources after being deleted. However, unlike viruses, zombie cookies themselves don’t proliferate further and aren’t harmful to devices. They’re used to track user activity, usually for advertising or personalization purposes.
It depends on the local jurisdiction of the users and site in question. Many legal guidelines like the GDPR implicitly prohibit zombie cookies because they require websites to get user consent before storing cookies on their device. Zombie cookies might breach this prohibition by automatically regenerating when the user visits the site again.
No, they’re not. Persistent cookies are cookies that remain in storage after the current session is over. They have an expiration date, and they can also be manually and permanently deleted. A zombie cookie is a particularly aggressive persistent cookie that stores additional data in secondary locations so it can be recreated after deletion.
