Threat to Google Chrome Passwords: NPM Malware


24th July 2021, Kathmandu

Malware in the npm registry has been found stealing passwords saved in Google Chrome.

It is well established that organizations and individuals should protect publicly exposed applications and services against latent threats. However, there are always weak links, and threat actors are always on the lookout for straightforward ways to infiltrate a network. One way to do so is to exploit the trust developers place in third-party code. A software package from the npm repository has been spotted serving as a tool to steal passwords saved in the Chrome browser.

Security analysts found the malware pilfering credentials from Chrome on Windows systems. The password-stealer package is multifunctional: it listens for incoming commands from the attacker's command-and-control (C2) server and can upload files, record from a victim's screen and camera, and execute shell commands.

What’s up?

The malware was found to use legitimate password-recovery tools on Windows systems, and it also provides access to the camera and screen, file lookup, directory listing, file upload, and shell command execution. The packages have been in the npm registry since 2018 and have been downloaded some 2,000 times. Besides textual JavaScript, npm also hosts numerous types of executables, such as PE, ELF, and Mach-O. ReversingLabs analysts, who published their findings in a Wednesday post, said that while analyzing the code repository they found an interesting embedded Windows executable file: a credential-stealing threat. Labeled "Win32.Infostealer.Heuristics", it showed up in two packages: nodejs_net_server and temptesttempfile.

Of the two, nodejs_net_server is the main threat for the time being.

Why it matters

The malware has lived in the npm registry for three years, which is concerning. This threat confirms that attacks on open-source ecosystems are not going away. It also shows that such threats can evade detection for long periods.

The bottom line

Npm is not the only target: cybercriminals have also penetrated PyPI to illegitimately mine cryptocurrency. This latest news shows how developers sometimes put too much trust in third-party code. Public package repositories serve as a good hiding place for malware. Therefore, there is an increasing demand for security measures that would help promptly detect and protect against these threats.

