According to Checkmarx, a cybercriminal organization called LofyGang has disseminated about 200 harmful NPM packages, which have been downloaded thousands of times in the previous year.
LofyGang appears to be an organized crime group based out of Brazil that specializes in a variety of hacking activities, such as credit card data theft, Discord premium upgrades, account hacking for games and streaming services, among others.
The organization has been seen using a closed dictionary of names (slight variations of evil, devil, lofy, polar, panda, kakau, and vilo) to create sock-puppet accounts for command and control (C&C) purposes on Discord, GitHub, glitch, Heroku, and Repl.it.
Read More: Oort Raises $15 Million for Identity Threat Detection and Response Platform
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
