Here’s why popular code libraries are flooded with Roblox, Fortnite spam right now

PyPI, NuGet and npm filled with hundreds of junk packages


Open source code repositories PyPI, NuGet and npm have been polluted with a flood of junk packages relating to popular online games like Roblox and Fortnite, recent analysis shows.

As explained in a report from cybersecurity firm Sonatype, the junk packages do not contain malicious code. Instead, their associated README files direct visitors towards spam domains that claim to offer free in-game currency and custom skins.

These fraudulent domains are set up to harvest the personal information and account credentials of anyone who interacts with them.


Large-scale spam campaigns


As Sonatype notes, it is not uncommon for open source repositories to be abused as part of spam campaigns, because the low barrier to entry for submission creates the ideal conditions for cybercriminals.

However, the specific objective of these campaigns is less clear. The best guess among security researchers so far is that the spam packages are designed to boost the SEO performance of the malicious domains.

“One theory is, these spam campaigns are a ploy to improve the SEO for their spammy domains,” explained Ax Sharma, Security Researcher at Sonatype, in an email exchange with TechRadar Pro. “When someone searches for ‘free Roblox Robux’, the open source repository’s reputation and search index ranking lends credence to the attacker’s links, which may now shine through the search results.”


Although all affected repositories told Sonatype they have mechanisms in place to prevent these outlinks conferring an SEO advantage, their presence on the platforms may nonetheless improve their search engine rankings to some extent.


Sharma suggests the latest campaigns are particularly noteworthy for their focus on video games, especially those frequented by younger players. In addition to Fortnite and Roblox spam, Sonatype has recently identified multiple campaigns targeting users of Discord, a messaging platform popular among gamers.

One possibility is that cybercriminals have settled on younger gamers as an easy mark, because they are equipped with neither the skills to identify online scams nor the funds to pay for in-game microtransactions via legitimate routes.

Joel Khalili is the News and Features Editor at TechRadar Pro, covering cybersecurity, data privacy, cloud, AI, blockchain, internet infrastructure, 5G, data storage and computing. He’s responsible for curating our news content, as well as commissioning and producing features on the technologies that are transforming the way the world does business.
