Google Chrome Passwords Compromised due to NPM Malware

Google Chrome Passwords Compromised due to NPM Malware

It is the duty of the organisation to protect the application and services that are publicly exposed against threats. Still there will always be vulnerabilities and weak links. Threat actors are always vigilant to exploit these vulnerabilities to easily compromise the security of the data. The trust that is placed in the third party developer. For example, the passwords saved in Chrome browser was compromised due to a software package from the npm repository.

The attack-

This malware used a password recovery tool on Windows Systems. What makes this tool very powerful is that it also has access to the Camera and screen, file lookup and directory list, shell command window, etc. The package was already in the npm registry for a long time and was downloaded more than 2000 times. 

The thing that matters in that the malware was around for three years before being detected. This demonstrates the fact that attacks on such open source ecosystems will remain and they have the capability to evade detection for a long time.


The latest incidents put light on the fact that developers tend to trust third party code too much. These public packages work as hiding places for malicious malwares. There is an increasing need for security specialists to look into the issue and come up with solutions to detect the malware and take measures against them with promptness.


IEMLabs is an ISO 27001:2013 and ISO 9001:2015 certified company, we are also a proud member of EC Council, NASSCOM, Data Security Council of India (DSCI), Indian Chamber of Commerce (ICC), U.S. Chamber of Commerce, and Confederation of Indian Industry (CII). The company was established in 2016 with a vision in mind to provide Cyber Security to the digital world and make them Hack Proof. The question is why are we suddenly talking about Cyber Security and all this stuff? With the development of technology, more and more companies are shifting their business to Digital World which is resulting in the increase in Cyber Crimes.

Leave a comment

Your email address will not be published.

This site is under maintenance,
some features might not work!!!