Your Data Is Under New Management: The Rise of LummaStealer
Dec. 18, 2024, 7:37 p.m.
Description
LummaStealer, a relatively new information-stealing malware, has gained prominence since 2022 for its ability to collect sensitive data from Windows systems. Marketed as Malware-as-a-Service (MaaS) on underground forums, it targets individuals, cryptocurrency users, and small to medium-sized businesses. The malware employs various infection vectors, including phishing emails, cracked software, and malicious downloads. It harvests credentials, cookies, cryptocurrency wallets, and system information, exfiltrating data to remote servers. Recent campaigns have shown increased sophistication in social engineering tactics and the use of legitimate platforms like Steam and Dropbox to evade detection. The malware's accessibility through MaaS has made it popular among diverse threat actors, complicating attribution efforts.
Date
Published: Dec. 18, 2024, 6:13 p.m.
Created: Dec. 18, 2024, 6:13 p.m.
Modified: Dec. 18, 2024, 7:37 p.m.
Attack Patterns
LummaStealer
T1566.003
T1588.001
T1583.001
T1608.001
T1059.006
T1119
T1574.002
T1059.005
T1204.001
T1059.001
T1566.002
T1547.001
T1189
T1204.002
T1132
T1041