I think this is due to a misconception of what a bot actually is, in this case.
A 'bot' here is more referring to a Discord chat bot, or Roblox group bot.
These are (usually) not malicious, so it's totally possible that the victims thought it was a perfectly ethical scheme to get involved in, despite who was running it.
This isn't the only way the malware is spread either; it's still squatting on the NPM registry and will be installed by unknowing users who have nothing to do with this individual prior to seeing the package and installing it.
Given some of the packages' install counts were inflated (into the hundreds of thousands), to a child or fresh-faced developer they may not look too out of place.