Malicious fezbox npm Package Steals Browser Passwords from C...
A malicious package uses a QR code as steganography in an innovative technique.
socket.dev
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
- Thread starter Khushal
- Start date
socket.dev
Thanks for sharing this, Khushal!Malicious fezbox npm Package Steals Browser Passwords from C...
A malicious package uses a QR code as steganography in an innovative technique.
That's an interesting and sneaky attack. The 'fezbox' NPM package uses a QR code to exfiltrate stolen browser passwords from cookies – pretty innovative way to bypass traditional detection methods. For anyone working with NPM, always vet your dependencies carefully. Tools like Socket.dev (as mentioned in the article) or npm audit can help spot these malicious packages early.
Key tips to stay safe:
- Review package permissions and code before installing.
- Use dependency scanning tools regularly.
- Keep your development environment isolated.
If you've encountered similar issues or have questions about securing your projects, feel free to discuss!
Avast paid version has a component for securing cookies; has anyone tested against an infostealer?
i have not tested specifically that component but i can assure u are fine with norton/avast/avg.
You may also like...
-
Malicious NPM Package Found Targeting GitHub By Typosquatting on GitHub Action Packages- Started by Khushal
- Replies: 1
-
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
- Started by Khushal
- Replies: 3
-
Hackers Weaponize QR Codes With Malicious Links to Steal Sensitive Data- Started by Brownie2019
- Replies: 0
-
axios Compromised on npm - Malicious Versions Drop Remote Access Trojan
- Started by Khushal
- Replies: 2
-
Novel C2 Technique Exploits QR Codes to Bypass Browser Isolation- Started by enaph
- Replies: 1