Tag: lumma
6 attack reports | 0 vulnerabilities
Attack reports
Malicious CAPTCHA delivers Lumma and Amadey Trojans
An adware campaign targets online users by presenting them with fake CAPTCHA or update prompts, tricking them into running malicious PowerShell commands that deploy credential-stealing malware like Lumma and Amadey. The attackers leverage ad networks to redirect victims to compromised sites hosting…
Downloadable IOCs 1
Over 10 Million Personal And Corporate Devices Infected By Information Stealers
A significant increase in data-stealing malware infections has been observed, with nearly 10 million devices compromised in 2023, marking a 643% rise over three years. Cybercriminals are using sophisticated distribution methods, including malvertising and YouTube comment spam. On average, 50.9 logi…
Downloadable IOCs 0
HijackLoader evolution: abusing genuine signing certificates
A report by HarfangLab EDR and MITRE ATT&CK on the threat posed by the Lumma Stealer malware, published on 11 October, 2024, outlines the tactics used to deploy the malware.
Downloadable IOCs 69
Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft
An examination of how threat actors hijack social media pages, rename them to resemble legitimate AI photo editors, and post malicious links to fake websites promoted through paid ads. The links trick users into installing endpoint management software, allowing the execution of credential stealers …
Downloadable IOCs 73
Malware Distributed Using Falcon Sensor Update Phishing Lure
CrowdStrike Intelligence uncovered a phishing campaign impersonating CrowdStrike and distributing malicious files containing a Microsoft Installer (MSI) loader. The loader executes the commodity stealer 'Lumma Stealer' packed with 'CypherIt'. This campaign is likely linked to a previous 'Lumma Stea…
Downloadable IOCs 32
Increase In The Exploitation Of Microsoft SmartScreen Vulnerability CVE-2024-21412
Cyble analyzes an ongoing campaign exploiting a Microsoft SmartScreen vulnerability to deliver stealers through spam emails. The campaign employs lures related to healthcare, transportation, and tax notices to trick users into downloading malicious payloads. It utilizes techniques like DLL sideload…
Downloadable IOCs 12