Threat to Google Chrome Passwords: NPM Malware


24th July 2021, Kathmandu

NPM malware was found stealing passwords saved in Google Chrome.

It is well established that organizations and individuals should protect publicly exposed applications and services against latent threats. However, there are always weak links, and threat actors are always on the lookout for straightforward ways to infiltrate a network. One way to do so is by exploiting the trust developers place in third-party code. A software package from the npm repository has been spotted serving as a tool for stealing passwords saved within the Chrome browser.

Security analysts found the malware pilfering credentials from Chrome on Windows systems. The multifunctional password-stealer package listens for incoming commands from the attacker’s command-and-control (C2) server and can also upload files, record from a victim’s screen and camera, and execute shell commands.

What’s up?

The malware was discovered using legitimate password recovery tools on Windows systems, and it is also capable of camera and screen access, file lookup, directory listing, file upload, and shell command execution. The packages have been in the npm registry since 2018 and were downloaded some 2,000 times. Besides textual JavaScript, npm also hosts numerous types of executables such as PE, ELF, and Mach-O. ReversingLabs analysts, who published their discoveries in a Wednesday post, said that during an analysis of the code repository they found an interesting embedded Windows executable file: a credential-stealing threat. Labeled “Win32.Infostealer.Heuristics”, it showed up in two packages: nodejs_net_server and temptest temp file.

For the time being, the main threat is the first package, nodejs_net_server.
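A defender-side check for the embedded executables described above, as an added example (not code from ReversingLabs or from this article): it walks an unpacked npm package and flags files whose magic bytes mark them as PE, ELF or Mach-O, whatever their extension. The function names and the sample package are constructed for illustration.

```javascript
const fs = require('node:fs');
const path = require('node:path');
// Mach-O magics (thin binaries, both byte orders) as read big-endian from bytes 0-3.
const MACHO = new Set([0xfeedface, 0xfeedfacf, 0xcefaedfe, 0xcffaedfe]);

// Classify a file header by magic bytes; returns 'PE', 'ELF', 'Mach-O' or null.
function classifyHeader(buf) {
  if (buf.length < 4) return null;
  if (buf.readUInt32BE(0) === 0x7f454c46) return 'ELF';
  if (MACHO.has(buf.readUInt32BE(0))) return 'Mach-O';
  // PE: 'MZ' DOS header whose e_lfanew field (offset 0x3C) points at 'PE\0\0'.
  if (buf[0] === 0x4d && buf[1] === 0x5a && buf.length >= 0x40) {
    const peOff = buf.readUInt32LE(0x3c);
    if (peOff + 4 <= buf.length && buf.readUInt32BE(peOff) === 0x50450000) return 'PE';
  }
  return null;
}

// Walk an unpacked package directory and report every native executable in it.
function scanPackage(root) {
  const hits = [];
  const walk = (dir) => {
    for (const ent of fs.readdirSync(dir, { withFileTypes: true })) {
      const full = path.join(dir, ent.name);
      if (ent.isDirectory()) { walk(full); continue; }
      if (!ent.isFile()) continue; // skip symlinks, sockets, etc.
      const fd = fs.openSync(full, 'r');
      const head = Buffer.alloc(4096);
      const n = fs.readSync(fd, head, 0, head.length, 0);
      fs.closeSync(fd);
      const type = classifyHeader(head.subarray(0, n));
      if (type) hits.push({ file: path.relative(root, full), type });
    }
  };
  walk(root);
  return hits;
}

// Constructed sample package (not the real malicious one): a normal JS file
// plus a file with a .js name whose bytes are a minimal PE header.
function buildSample(root) {
  fs.mkdirSync(path.join(root, 'lib'), { recursive: true });
  fs.writeFileSync(path.join(root, 'index.js'), 'module.exports = {};\n');
  const pe = Buffer.alloc(0x88);
  pe.write('MZ', 0, 'latin1'); pe.writeUInt32LE(0x80, 0x3c); pe.write('PE\0\0', 0x80, 'latin1');
  fs.writeFileSync(path.join(root, 'lib', 'helper.js'), pe);
}

const demoDir = fs.mkdtempSync(path.join(require('node:os').tmpdir(), 'pkgscan-'));
buildSample(demoDir);
console.log(scanPackage(demoDir));
```

Fat (universal) Mach-O files and PE files whose header offset lies beyond the first 4096 bytes are not covered by this check.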

Why it matters

The malware has inhabited the npm registry for three years, which is concerning. This threat confirms that attacks on open-source ecosystems are not going away. It also shows that such threats are capable of evading detection for long periods.

The bottom line

Besides npm, cybercriminals have also penetrated PyPI to illegitimately mine cryptocurrency. This latest news shows how developers sometimes put too much trust in third-party code. Public package repositories serve as a good hiding place for malware. Therefore, there is an increasing demand for security measures that would help promptly detect and protect against these threats.

