"Over a Dozen Malicious npm Packages Target Roblox Game Developers"
Since the beginning of August 2023, more than a dozen malicious packages have been discovered in the npm package repository with the capability to launch an open-source information stealer named Luna Token Grabber on Roblox game developers' systems. The ongoing campaign, discovered by ReversingLabs on August 1, involves modules masquerading as the legitimate package noblox.js, an Application Programming Interface (API) wrapper used to create scripts that interact with the Roblox gaming platform. The packages were downloaded a total of 963 times before being removed. This article continues to discuss the malicious packages discovered on the npm package repository targeting Roblox game developers.
THN reports "Over a Dozen Malicious npm Packages Target Roblox Game Developers"