all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Fake Roblox packages target npm with Luna Grabber information stealing-malware

Add to bookmarks
Aug. 22, 2023, 11 a.m. | lucija.valentic@reversinglabs.com (Lucija Valentić)

ReversingLabs Blog blog.reversinglabs.com




ReversingLabs researchers have identified more than a dozen malicious packages on the npm public repository since the beginning of August, including multi-stage malicious packages that placed Luna Grabber, open source information stealing malware, on infected systems. In a replay of an attack uncovered two years ago, the malicious packages imitated the legitimate package noblox.js, a Node.js Roblox API wrapper used to write scripts that interact with the Roblox gaming platform.  

attack august fake information information stealing luna malicious malicious packages malware npm open source packages public replay repository researchers reversinglabs roblox software supply chain security stage stealing systems target threat research uncovered

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

Verizon 2024 DBIR: Software supply chain risks fuel a data breach epidemic 3 days, 13 hours ago | blog.reversinglabs.com
alarm appsec & supply chain security breach breaches +25
What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss 4 days, 12 hours ago | blog.reversinglabs.com
appsec & supply chain security cisos development don +16
How SOC analysts and threat hunters can expose malware undetected by EDR 5 days, 13 hours ago | blog.reversinglabs.com
analysts can corporate don +16
Introducing the Unified RL Spectra Suite 5 days, 13 hours ago | blog.reversinglabs.com
always on appsec & supply chain security change criminals +15
Announcing the General Availability of Spectra Detect v5.0: Enhancing File Analysis for Advanced Threat Detection 5 days, 13 hours ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
Announcing the General Availability of TitaniumScale v5.0: Enhancing File Analysis for Advanced Threat Detection 1 week, 2 days ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
How NIST CSF 2.0 and C-SCRM help manage software supply chain risk 1 week, 3 days ago | blog.reversinglabs.com
appsec & supply chain security businesses critical critical infrastructure +29
What’s hot at RSAC 2024: 7 must-see talks for security operations teams 1 week, 4 days ago | blog.reversinglabs.com
conference filter flood francisco +21
NVD delays highlight vulnerability management woes: Put malware first 1 week, 5 days ago | blog.reversinglabs.com
appsec & supply chain security attention change current +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com
View more jobs