Cookies from different browsers in WowUp Curseforge AppData cookies database file

[c619256]

I came across the WowUp Curseforge cookie database by chance. It seemed strange to me that the file was so large. Actually, the application should only contain cookies that WowUp needs to run properly. Strangely, however, the cookie database also contains cookies that are responsible for Google authentication, for example, even though I am not logged into the application anywhere. In addition, these are stored in a decrypted form (normally cookies are stored encrypted in chromium-based browsers).

In general, this seemed quite strange to me. So I wanted to use the procmon programme to check whether the application was accessing Edge's cookie database and indeed it was. The programme also tries to access cookie databases from other browsers.

As I think this is a very strange behaviour for an application that manages Wow addons, I would like to know if this is an undesired behaviour and if not why the access to cookies of browsers is necessary. It should be noted that only the WowUp Curseforge client exhibits this behaviour. The normal one does not show this behaviour.

[jliddev]

I will run this by the Overwolf team who creates the electron build that powers this CF version of the app.

[c619256]

Thank you. If you need any more information feel free to ask.

[fzarr]

Any follow-up here? Assuming its not malware on the OP's machine, Overwolf would want to have a very good reason for doing this.

[c619256]

@jliddev is there any new information from the Overwolf team regarding this topic?

[cremor]

This is concerning. @jliddev could you please provide an update? If the Overwolf team didn't respond, could you please ask them again?

[jliddev]

The answer to the question per the OW team:

So it should have quit doing that a while ago. I just failed to provide an update here.

[cremor]

I assume this is now fixed with 2.20.0-beta.2?
If so, where can I find the cookie database to clear it?