Typosquatting 

Noblox.js is a wrapper for the Roblox API, a function widely used by many gamers to automate interactions with the popular Roblox gaming platform. The software also appears to be attracting a new crowd. In 2021, hackers launched typosquatting attacks via the noblox.js package by uploading confusingly similar packages laden with ransomware to a registry for open-source JavaScript libraries and then distributing the infected files via a chat service. However, since September of 2021, gamer Josh Muir along with several others has actively been cracking down on the attackers, attempting to prevent the proliferation of ransomware through the noblox.js package and other code libraries, and thwart further attacks on the gaming community.

What you need to know: Typosquatting is a phishing attack where attackers take advantage of commonly misspelled domain names. Often times, the guilty party isn’t actually looking to carry out an attack, but instead is holding out hope that a company, brand or person will buy the domain off them. But in other cases, thieves create malicious domains that closely resemble those of legitimate brands.

Comments

Popular posts from this blog

Compromised Credentials

SQL Injection