"Checkmarx discovered ~200 malicious NPM packages with thousands of installations linked to an attack group called “LofyGang”.
This attack group has been operating for over a year with multiple hacking objectives:
- Credit card information
- Discord “Nitro” (premium) upgrades
- Streaming service accounts (e.g. Disney+), Minecraft accounts, and more
Their findings were disclosed to the security teams of GitHub, NPM, Repl.it, Discord, and more.
They’ve launched a tracker website https://lofygang.info/ to share the findings about these attackers and share the full list of LofyGang’s related packages here."