Skip to content

LofyGang - Software Supply Chain Attack, ~200 Malicious NPM Packages

Table of Contents

"Checkmarx discovered ~200 malicious NPM packages with thousands of installations linked to an attack group called “LofyGang”.

This attack group has been operating for over a year with multiple hacking objectives:

  • Credit card information
  • Discord “Nitro” (premium) upgrades
  • Streaming services accounts (e.g. Disney+), Minecraft accounts, and more

Their findings were disclosed to the security teams of GitHub, NPM, Repl.it, Discord, and more.

They’ve launched a tracker website https://lofygang.info/ to share the findings about these attackers and share the full list of LofyGang’s related packages here."

LofyGang - Software Supply Chain Attackers; Organized, Persistent, and Operating for over a Year
Checkmarx discovered ~200 malicious NPM packages with thousands of installations linked to an attack group called “LofyGang”.

Latest

Szele Tamás: Navalnij halála

Szele Tamás: Navalnij halála

Ma új fejezet kezdődött Oroszország történetében, aminek az elejét, meglehet, vérrel írják. De ha minden jól megy, a közepétől visszatérnek a tintához.

Members Public