10 matches found
LummaC2 Infects North Korean Hacker Device Linked to Bybit Heist
LummaC2 infostealer infects North Korean hacker’s device, exposing ties to $1.4B Bybit heist and revealing tools, infrastructure and OPSEC failures...
Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware
Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors. This advisory details the tactics, techniques, and procedures, and indicators of compromise IOCs linked to threat actors deploying LummaC2...
Hello again, FakeBat: popular loader returns after months-long hiatus
The web browser, and search engines in particular, continue to be a popular entry point to deliver malware to users. While we noted a decrease in loaders distributed via malvertising for the past 3 months, today's example is a reminder that threat actors can quickly switch back to tried and teste...
New LummaC2 Malware Variant Uses PowerShell, Obfuscation to Steal Data
Ontinue has discovered a new LummaC2 malware variant with increased activity, using PowerShell for initial infection and employing…...
CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network CDN cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor...
Suspected CoralRaider continues to expand victimology using three information stealers
By Joey Chen, Chetan Raghuprasad and Alex Karkins. Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new PowerShell command-lin...
ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer
The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. "This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of...
LummaC2 v4.0 Malware Stealing Data with Trigonometry to Detect Human Users
By Deeba Ahmed LummaC2 is back as LummaC2 v4.0. This is a post from HackRead.com Read the original post: LummaC2 v4.0 Malware Stealing Data with Trigonometry to Detect Human Users...
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
The stealer malware known as LummaC2 aka Lumma Stealer now features a new anti-sandbox technique that leverages the mathematical principle of trigonometry to evade detection and exfiltrate valuable information from infected hosts. The method is designed to "delay detonation of the sample until...
Information Stealer LummaC2 Targets Browsers and Crypto Wallets
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LummaC2 Stealer is an information stealer that targets Chromium and Mozilla-based browsers. It is designed to steal sensitive information from a victims machine, including crypto wallets, extensions, and...