Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication.

People been doing this since facebook login was plain old http

fbi.gov/contact-us/field-offices/atlanta/news/cybercriminals-are-stealing-cookies-to-bypass-multifactor-authentication

That's a weird URL.

Just FYI Firefox can be set to default to private mode. Can't steal what you don't have