A mess of malicious activity

A mess of malicious activity

4 years ago
Anonymous $np3LcwuhSi

https://www.bleepingcomputer.com/news/security/malicious-npm-libraries-install-ransomware-password-stealer/

Malicious NPM packages pretending to be Roblox libraries are delivering ransomware and password-stealing trojans on unsuspecting users.

The two NPM packages are named noblox.js-proxy and noblox.js-proxies, and use typo-squatting to pretend to be the legitimate Roblox API wrapper called noblox.js-proxied by changing a single letter in the library's name.