Luna Grabber Malware Targets Roblox Gaming Devs

  /     /     /  
Publicated : 23/11/2024   Category : security


Luna Grabber Malware Targets Roblox Gaming Devs


Roblox gaming developers are lured in by a package that claims to create useful scripts to interact with the Roblox website, for example by “promot(ing) users, shout events, and so on, or to create Discord utiltiies (sic) to manage their community.”



Since the start of this month, researchers at ReversingLabs have found a host of malicious, multistage packages on the npm public repository that implant an open source, information-stealing malware known as Luna Grabber.
To infect its victims, the packages imitate a legitimate package, such as noblox.js — a Node.js Roblox API wrapper used to write scripts that interact with the
Roblox gaming platform
, according to a ReversingLabs analysis on the campaign. The malicious packages reproduce code from the legitimate package but add information-stealing functions to the mix. 
Developers of the scripts that ultimately run on the Roblox platform could thus unwittingly fall prey to Luna Grabber, which is an open-source malware designed to steal information from the users local web browser, Discord application, and more, according to ReversingLabs.
The researchers first came upon
these types of campaigns
while monitoring the
npm public repository
, and noblox.js-vps was the first malicious package they happened upon. The package displayed suspicious behaviors, such as executing commands in the command line, containing URLs that linked to Discord attachments, enumerating files in a given directory, and enumerating user information, among other actions. Since then, ReversingLabs researchers have also identified other malicious packages that are similar, such as noblox.js-ssh and noblox.js-secure.
Even though the impact of noblox.js-vps and other malicious packages in this campaign wasnt high, it is a reminder to security and software development teams that threats lurk consistently in open-source repositories, making choosing which package to include in the development process critical, wrote the researchers. 

Last News

▸ Car Sector Speeds Up In Security. ◂
Discovered: 23/12/2024
Category: security

▸ Making use of a homemade Android army ◂
Discovered: 23/12/2024
Category: security

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Luna Grabber Malware Targets Roblox Gaming Devs