Luna Grabber

Malware updated 8 days ago (2024-09-03T19:17:41.534Z)
Download STIX
Preview STIX
Luna Grabber, an open-source information-stealing malware, has been recently identified as the primary payload of malicious npm packages, targeting developers working on the Roblox platform. Discovered by researchers at ReversingLabs, Luna Grabber is a highly customizable malware capable of stealing information from victims' web browsers, Discord applications, and local system configurations. This malware has shaken the developer community, particularly those involved with Roblox, as it exploits vulnerabilities through npm packages, potentially causing developers to unwittingly fall prey to its effects. The campaign delivering Luna Grabber was uncovered in late August, when the malware began exploiting vulnerabilities in npm packages used by Roblox developers. The third stage executable connected to this campaign was found to be a PyInstaller-compiled executable serving Luna Grabber. Since the start of the following month, researchers have identified numerous malicious multistage packages on the npm public repository that implant Luna Grabber. The open-source nature of Luna Grabber allows attackers to tailor the malware to their specific needs, indicating a strategic choice to target Roblox developers. The malware shares overlaps with other publicly available stealers like Creal Stealer and BlackCap Grabber, believed to be the work of a developer known online as Deathined. The focus on a particular user group suggests a more concentrated effort by cybercriminals to exploit specific vulnerabilities within certain communities or platforms.
Description last updated: 2024-09-03T19:15:38.785Z
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Malware
Discord
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the Luna Grabber Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
DARKReading
8 days ago
Evolving npm Package Campaign Targets Roblox Devs, for Years
CERT-EU
a year ago
OpenSSF Launches Malicious Packages Repository
CERT-EU
a year ago
Supply Chain Attack Targeting Telegram, AWS and Alibaba Cloud Users
CERT-EU
a year ago
OpenSSF Launches Malicious Packages Repository
DARKReading
a year ago
Luna Grabber Malware Targets Roblox Gaming Devs
CERT-EU
a year ago
New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs
CERT-EU
a year ago
Luna Grabber Malware Hits Roblox Devs Through npm Packages
CERT-EU
a year ago
Someone is targeting Roblox developers with info-stealing malware
CERT-EU
a year ago
Luna Grabber Malware Hits Roblox Devs Through npm Packages | IT Security News
CERT-EU
a year ago
Sensitive data leaks likely with critical WooCommerce Stripe Gateway plugin flaw
CERT-EU
a year ago
New Agent Tesla Variant Uses Excel Exploit to Infect Windows PC
CERT-EU
a year ago
Windows systems targeted in global Skuld info stealer attacks
CERT-EU
a year ago
Typosquatting campaign delivers r77 rootkit via npm