LofyGang’s Thriving Scams Unveiled
On Discord, hackers are wreaking havoc on account holders via a massive credential-stealing ring. Through the GitHub and NPM code platforms, the LofyGang hackers have established a thriving business that steals Discord credentials and sells them on dark web markets.
Individuals who created accounts on the social messaging platform have been under heavy cyber attack after the LofyGang disseminated 200 malware packages and phony hacking tools to dark web hacker communities. Cyber analysts tracking the Discord hack have concluded that code hosting sites like NPM and GitHub played a huge role in the success of the “LofyGang” credential-stealing enterprise.
According to three cyber security companies, the threat actors built the credential-stealing business by misspelling their malware package names, which allowed them to mount continuous attacks through the software supply chain.
Cyber researchers at Sonatype, Kaspersky, and JFrog linked 200 malware packages to the LofyGang after noticing numerous misspelled versions of the names associated with the malicious packages.
So far, some have been deleted from the NPM and GitHub platforms, but the researchers stated that some malicious packages linked to the criminal gang are still available.
To bolster its security, GitHub has rendered most of them inaccessible and has also created a task force to track and remove all products that are linked to the LofyGang hacking group.
LofyGang Identity Theft Scheme
Tracking harmful LofyGang products has taken a new twist, with the Checkmarx research team mapping the group’s every move. A map of LofyGang’s activities offers a comprehensive perspective on the hackers’ objectives. The Checkmarx team is also analyzing the scope of the criminal enterprise and the real impact caused by these threat actors.
The threat actors known as “LofyGang”, according to Checkmarx, have created a huge enterprise, with their footprints found on several sites and stolen credit card information even being sold on dark web marketplaces. In addition, the malicious hackers have developed a huge stealth ring that steals Discord “Nitro” credentials. They have also been tracked to streaming and gaming sites, with Minecraft and Disney+ being their main targets.
Meanwhile, financial gain is their main objective: a huge number of compromised accounts’ credentials are presently being advertised on several dark web markets, as well as in high-traffic hacker forums, and are even being sold on the Discord platform.