May 21, 2022
Google Chrome Passwords Compromised due to NPM Malware

It is the duty of the organisation to protect the application and services that are publicly exposed against threats. Still there will always be vulnerabilities and weak links. Threat actors are always vigilant to exploit these vulnerabilities to easily compromise the security of the data. The trust that is placed in the third party developer. For example, the passwords saved in Chrome browser was compromised due to a software package from the npm repository.

The attack-

This malware used a password recovery tool on Windows Systems. What makes this tool very powerful is that it also has access to the Camera and screen, file lookup and directory list, shell command window, etc. The package was already in the npm registry for a long time and was downloaded more than 2000 times. 

The thing that matters in that the malware was around for three years before being detected. This demonstrates the fact that attacks on such open source ecosystems will remain and they have the capability to evade detection for a long time.

Conclusion-

The latest incidents put light on the fact that developers tend to trust third party code too much. These public packages work as hiding places for malicious malwares. There is an increasing need for security specialists to look into the issue and come up with solutions to detect the malware and take measures against them with promptness.

Leave a Reply

Your email address will not be published.