While any session cookie can be a target, certain platforms are frequently mentioned in cybersecurity reports: Cookie Logger Explained for Cybersecurity Pros and Learners

: It often spreads through phishing emails disguised as invoices or order confirmations, or through untrusted downloads on platforms like Discord or Telegram.

: The stolen data is sent to a remote Command and Control (C2) server controlled by the attacker.

The primary goal of a cookie logger is to "harvest" sensitive authentication tokens stored locally on your machine.