Luna Grabber Malware Hits Roblox Devs Through npm Packages
Roblox developers are being targeted by a new malware called Luna Grabber, which is distributed through malicious npm packages that impersonate legitimate software. The malware is capable of stealing sensitive data from victims' web browsers, Discord applications, and local system configurations. The campaign began in August 2023 and revolves around malicious packages impersonating the legitimate noblox.js, a popular Node.js Roblox API wrapper. Luna Grabber was downloaded approximately 1000 times, but its impact was relatively low due to security measures in place to protect developers on the npm repository. The incident highlights the growing trend of malicious actors employing typo squatting to exploit developers' trust in legitimate software packages. Malware: Luna, LunaGrabber [View Article](https://www.hackread.com/luna-grabber-malware-roblox-devs-npm-packages/)