LofyGang Group Linked to Recent Software Supply Chain Attacks


What is LofyGang?

LofyGang is a large attack surface that is almost impossible to defend against for organizations that don't use cross-platform tools. The group has been linked to previous attacks, such as the one on the United States Office of Personnel Management in 2015, which resulted in the theft of over 21 million background check forms.

How Are They Carrying Out These Attacks?

The LofyGang group is using a technique called "typosquatting" to carry out its attacks. This involves registering domain names that are similar to popular ones but contain slight misspellings. The group then creates fake websites and software repositories that mimic the real ones. When users type in the wrong URL or use an old version of a package manager, they end up downloading and installing the malicious packages instead of the legitimate ones.

What Is Being Done to Stop Them?

Organizations are working quickly to mitigate the damage caused by these attacks and to prevent future ones from happening. The best way to protect yourself from typosquatting attacks is to always double-check the URL before you click on it and to make sure you are using the latest version of your package manager. You should also consider using a cross-platform tool like Detectify, which can help you keep track of all domain names registered under your organization.
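The double-check described above can be automated for package names before anything is installed. The following is an added example, not code from the original article or from any tool it mentions; the `POPULAR` list and the sample dependency names are constructed for illustration, and a distance threshold of 1 is an assumption.

```python
# Added example: flag dependency names that are a near miss of a well-known name.
# POPULAR and the sample list below are constructed for illustration.
POPULAR = {"requests", "express", "lodash", "discord.js", "colors"}


def osa_distance(a: str, b: str) -> int:
    """Edit distance where insert, delete, substitute and adjacent swap cost 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # swapped neighbours
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def normalize(name: str) -> str:
    """Lower-case and drop separators so 'Discord-JS' and 'discord.js' compare equal."""
    return "".join(ch for ch in name.lower() if ch.isalnum())


def find_suspects(deps, popular=POPULAR, max_distance=1):
    """Return {dependency: popular_name} for names that are not an exact
    match for a popular package but are within max_distance edits of one."""
    canon = {normalize(p): p for p in popular}
    suspects = {}
    for dep in deps:
        if dep in popular:
            continue  # exact match: the real package
        nd = normalize(dep)
        for np_, original in canon.items():
            # nd == np_ catches separator or case tricks such as 'discord-js'
            if nd == np_ or osa_distance(nd, np_) <= max_distance:
                suspects[dep] = original
                break
    return suspects


if __name__ == "__main__":
    sample = ["requests", "reqeusts", "expres", "lodash", "discord-js", "left-pad"]
    for dep, target in find_suspects(sample).items():
        print(f"review before install: {dep!r} resembles {target!r}")
```

A flagged name is a prompt for manual review, not proof of malice: legitimate packages can have similar names, so the list of popular names and the threshold need tuning per ecosystem.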

The recent spate of software supply chain attacks has been linked to the LofyGang group by a new analysis published today. The group is using a technique called "typosquatting" to carry out its attacks, which involves registering domain names that are similar to popular ones but contain slight misspellings. Organizations can protect themselves from these types of attacks by double-checking URLs before clicking on them and using the latest version of their package manager. Cross-platform tools like Detectify can also help keep track of all domain names registered under your organization.