LummaC2 Malware Abusing the Game Platform 'Steam'
July 26, 2024, 9 a.m.
Description
The report investigates LummaC2, an infostealer malware actively distributed under the guise of illegal software. It highlights LummaC2's tactics of utilizing encrypted strings and abusing legitimate websites like Steam to acquire command-and-control (C2) domains. The malware steals sensitive user data and sends it to the C2 servers. The analysis delves into LummaC2's evolution, distribution methods, encryption routines, and the types of information it targets for theft.
Date
- Created: July 26, 2024, 8:25 a.m.
- Published: July 26, 2024, 8:25 a.m.
- Modified: July 26, 2024, 9 a.m.
Indicators