Malicious campaign make use of npm packages to steal Discord users information

An ongoing malicious campaign is making use of multiple npm packages. This campaign is dubbed LofyLife to infect Discord users with malware that will steal the user’s payment card information. 

This malware is a variant of the open-source and Python-based Volt Stealer token logger, according to Kaspersky security. Kaspersky researchers Igor Kuznetsov and Lenoid Bezvershenko stated this. 

The researchers asserted that they used the internal automated system for monitoring open-source repositories on 26 July. They identified four suspicious packages in the Node Package Manager (npm) repository. 

These packages contained highly obfuscated malicious Python and Javacript code. The researchers dubbed this malicious campaign ‘LofyLife’. The malware gets automatically deployed after the installation of the small-sm, pern-valids, lifeculer, or proc-title malicious npm modules. 

After its installation, it can and does collect Discord tokens and system information. This information also includes the victims’ IP addresses. 

This action is executed by monitoring the victims’ actions. These actions ranges from logins, credential change attempts to multi factor authentication toggles and addition of new payment methods to steal Discord accounts and complete payment information. 

The data is uploaded to one of several Replit-hosted instances whose addresses are hard-coded within the malware after it is harvested. 

This is just one endless stream of malware specifically designed to target Discord users in the recent years in the hands of information stealers. 




Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More