Sunday, February 5, 2023
spot_img
HomeComputerGoogle Chrome Passwords Compromised due to NPM Malware

Google Chrome Passwords Compromised due to NPM Malware

It is the duty of the organisation to protect the application and services that are publicly exposed against threats. Still there will always be vulnerabilities and weak links. Threat actors are always vigilant to exploit these vulnerabilities to easily compromise the security of the data. The trust that is placed in the third party developer. For example, the passwords saved in Chrome browser was compromised due to a software package from the npm repository.

Table of Contents

The attack-

This malware used a password recovery tool on Windows Systems. What makes this tool very powerful is that it also has access to the Camera and screen, file lookup and directory list, shell command window, etc. The package was already in the npm registry for a long time and was downloaded more than 2000 times.

The thing that matters in that the malware was around for three years before being detected. This demonstrates the fact that attacks on such open source ecosystems will remain and they have the capability to evade detection for a long time.

Conclusion-

The latest incidents put light on the fact that developers tend to trust third party code too much. These public packages work as hiding places for malicious malwares. There is an increasing need for security specialists to look into the issue and come up with solutions to detect the malware and take measures against them with promptness.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -spot_img

Most Popular

Recent Comments

亚洲A∨精品无码一区二区观看 on Restaurant Scheduling 101 For Better Business Performance

Write For Us