Which term describes malware that hijacks a user session by stealing cookies?

Cookie-based session hijacking relies on stealing a valid session identifier to impersonate a user, often happening during the brief window when malware is active in memory. Non-persistent viruses are designed to live only in memory and disappear after a reboot, performing their actions during that short window. This matches the idea of hijacking a session via stolen cookies for a limited time, rather than lasting indefinitely on the system. In contrast, a persistent virus stays on the machine after reboot and could provide continued access; armored viruses focus on evading detection, not on a specific technique like cookie theft; and an email virus’s main goal is propagation, not hijacking sessions.