**The ATP Cookie tool, which is widely used in the Vietnamese MMO (make money online) world, is suspected of taking customers’ personal data and sending it to the server.** An expert of the online security project Chongluadao. vn detected unusual cookie data collection on ATP Software’s tools. This software is a popular extension application, widely used by the managers of many fanpages, MMO people (make money online) in Vietnam. Initially, ATP Software explained that taking this data to serve SEO (search optimization) tricks, effective advertising. However, this defense is considered by security experts to have many vulnerabilities. ## Silently collecting data Mr. Chi Tran, a security expert, a member of the Chongluadao.vn project recently detected unusual activity in the way the ATP Cookie software works. This is originally an Extension (Extension Tool), which works in the browser. This application is quite popular in Vietnam, applied in managing fanpage, tracking customers, making money online… According to research by Mr. Chi, after users install this Extension into the browser and grant permissions. works, it will automatically initialize and exploit Facebook, Zalo account login cookies. Cookies are files created by websites. It saves personal related information such as login accounts, for later use. However, the data collection behavior of ATP software is unusual because the tool retrieves login data of many other accounts on the user’s browser, besides the working website, which is Facebook. In addition, the Extension is designed to encapsulate this sensitive data, send it to the server, potentially posing many security risks. Talking to *Knowledge Online,* security expert Ngo Minh Hieu (Hieu PC), said that it is unnecessary for an extension software to take login data and bring it back to the server, which affects the individual interests of the client. “Sending tokens, user login cookies to the server is not recommended behavior in ensuring information security. This data can completely be processed right on the client-side (service page) through the Extension”, a representative of Chongluadao.vn shared. In addition, the extension developed by ATP Software is not software approved by Google. To install, users must download the external file, install in developer mode. ## Explanation of ATP Software After the above information was published to the community, the ATP Software side explained via email that sending data to the server is for SEO purposes and to promote more of this company’s products. to users, through the website. However, the security expert of Chongluadao.vn, said that the developer’s explanation lacks evidence. Accordingly, the collected data may be used, traded, and difficult to control. In addition, current evidence shows that storing user cookie data on the server is a violation of Vietnamese law. On the morning of July 3, ATP Software sent an email to respond to the aforementioned security issue. Business representatives acknowledge errors in software design, automatically access and save customer access history. “Part of the problem is that the ATP team lacks security and server management knowledge, leading to the failure to grasp the problem. However, we do not have any code inserted with the intention of storing customer cookies,” the software company responded. This unit said it will soon update and fix the aforementioned software version to fix the problem. At the same time, the company recommends that users should uninstall existing applications on the browser to avoid security risks. In fact, the company’s software is mostly a paid service. To use, customers have to spend 1-5 million VND or rent monthly to use.