Η Google he said a new Chrome security feature called 'Device Bound Session Credentials'. The new security feature that binds cookies to a specific device blocks them maliciousangry users from being stolen and used to compromise user accounts.
Cookies are files that websites use to remember your browsing information and preferences and to automatically connect you to a service or website. 
These cookies are created after you sign in to a service and verify multi-factor authentication, allowing you to bypass multi-factor authentication (MFA) on future logins.
Unfortunately, attackers use malware to steal these cookies, thereby bypassing MFA to compromise connected accounts.
So to solve this problem, Google has prepared a new feature called Device Bound Session Credentials (DBSC) which makes it impossible for attackers to steal your cookies by cryptographically binding authentication cookies to the device your.
After enabling DBSC, the authentication process is bound to a specific public/private key pair generated using your device's Trusted Platform Module (TPM) chip, which cannot be exported and is stored with better safety on the device. So even if an attacker steals cookies, they won't be able to access your accounts.
