Threat Actor Uses Multiple Infostealers in Global Campaign

April 24, 2024 at 09:15AM Cisco’s Talos security research unit warns of threat actor CoralRaider using information stealers to target users worldwide and harvest credentials and financial data. The threat actor, likely of Vietnamese origin, has been active since at least 2023 and has been targeting users with a combination of three information stealers—Cryptbot, LummaC2, …

Malware dev says they can revive expired Google auth cookies

November 22, 2023 at 05:00PM The Lumma information-stealer malware, also known as LummaC2, claims to have a new feature that can restore expired Google cookies, allowing cybercriminals to hijack Google accounts. The feature is only available to subscribers of the highest-tier plan, costing $1,000/month. While this capability has not been verified by security researchers or …

Lumma malware can allegedly restore expired Google auth cookies

November 21, 2023 at 02:35PM The Lumma malware, known as LummaC2, is advertising a new feature that claims to restore expired Google cookies. These cookies can be used to gain unauthorized access to Google accounts. The feature is available to subscribers of the high-tier “Corporate” plan, which costs $1,000/month. The legitimacy of this feature has …

Malware Uses Trigonometry to Track Mouse Strokes

November 20, 2023 at 05:06PM The latest version of the LummaC2 malware-as-a-service has a new anti-sandbox feature. Version 4.0 uses trigonometry to track mouse movements and detect when a human user is active on a compromised computer. This allows the malware to avoid detection in sandboxes and gain access to the network. While the use …

LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique

November 20, 2023 at 06:42AM The LummaC2 malware has added a new anti-sandbox technique that uses trigonometry to evade detection and steal valuable information from infected hosts. The malware also incorporates control flow flattening and can deliver additional payloads. It requires the use of a crypter to conceal itself and relies on trigonometry to detect …