LofyGang

Also known as: LofyGang

LofyGang has been found to be linked to more than 200 malicious packages, with thousands of installations throughout 2022. The group, believed to have been operating for more than a year, has multiple hacking objectives, including stealing credit card information and stealing user accounts including Discord Inc. premium accounts, streaming services accounts such as Disney+ and Minecraft accounts.

Introduction

LofyGang has been found to be linked to more than 200 malicious packages, with thousands of installations throughout 2022. The group, believed to have been operating for more than a year, has multiple hacking objectives, including stealing credit card information and stealing user accounts including Discord Inc. premium accounts, streaming services accounts such as Disney+ and Minecraft accounts.

Activities and Tactics

Information pending cataloguing.

Notable Campaigns

Information pending cataloguing.

Tactics, Techniques, and Procedures (TTPs)

Information pending cataloguing.

Notable Indicators of Compromise (IOCs)

No curated IOCs are currently published for this actor. This section will be updated when stable, attributable indicators are available.

Malware and Tools

  • Hacking Team UEFI Rootkit
  • StreamEx

Attribution and Evidence

Information pending cataloguing.

References

References pending cataloguing.