#lummac2
Over 93.7B stolen cookies are for sale on the dark web; 7–9% remain active, enabling hackers to hijack sessions and bypass MFA. #CyberSecurity #Infostealer #SessionHijacking #MFABypass #DarkWeb #Redline #LummaC2 #CookiesTheft #DataBreach #ThreatIntel www.theregister.com/2025/05/29/b...
Billions of session cookies for sale sparks security warning
Law enforcement crackdowns are gathering pace but online marketplaces still teeming with valuable tokens
www.theregister.com
June 3, 2025 at 4:39 PM
Response to CISA Advisory (AA25-141B): Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations AttackIQ has updated an existing assessment template in response to the CISA Advisory (AA25-141B) published on May 21, 2025, whic...

www.attackiq.com
May 22, 2025 at 9:05 PM
FBI Seizes Key Domains Behind LummaC2 Malware Used in Global Credential Theft The U.S. Department...

https://thecyberexpress.com/lummac2-malware-network-disrupted/

#Cyber #News #Firewall #Daily #crackdown #on #LummaC2 #Cryptocurrency #Fraud #Cyber #Threats

May 23, 2025 at 6:40 AM
Hackers Imitate Windows “Commander Tool” to Unleash LummaC2 Malware Attack Cybersecurity rese...

https://cyberpress.org/hackers-imitate-windows-commander-tool/

#Cyber #Attack #Cyber #Security #News #Cybersecurity #Malware #Windows #Cyber #Security #Cyber

February 24, 2025 at 4:52 PM
January 10, 2025 at 7:25 AM
The Rising Threat of LummaC2: Cybercriminals Exploit Cracked Software to Distribute Infostealer Malware

In recent weeks, cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have identified a concerning new campaign that leverages the allure of cracked software to distribute LummaC2, a sophisticated infostealer malware. This malware masquerades as a cracked version of Total Commander, a widely used Windows file management tool known for its robust features like folder synchronization and FTP/SFTP support. This article delves into the tactics used by cybercriminals, the technical intricacies of the LummaC2 malware, and the broader implications of this threat.
undercodenews.com
February 24, 2025 at 6:08 PM
LummaC2 Fractures as Acreed Malware Becomes Top Dog
LummaC2 formerly accounted for almost 92% of Russian Market's credential theft log alerts. Now, the Acreed infostealer has replaced its market share.
www.darkreading.com
June 3, 2025 at 7:58 PM
did a writeup about the ClearFake/ClickFix + Etherhide campaign. Leads to Lumma/LummaC2.

Tracking updated domains, details in the write-up 🚀

www.atea.no/siste-nytt/i...
January 12, 2025 at 7:26 AM
October 4, 2024 at 1:33 PM
The Justice Department announced today the unsealing of two warrants authorizing the seizure of five internet domains used by malicious cyber actors to operate the LummaC2 information-stealing malware service. 
Justice Department Seizes Domains Behind Major Information-Stealing Malware Operation
www.justice.gov
May 21, 2025 at 10:33 PM
It keeps going, new sample: www.virustotal.com/gui/file/d70...
At the time of scanning 1 vendor detected it, still only 3 at the moment. Deploying LummaC2 unsurprisingly.
This time a binary signed by 'ONE UP LTD' from the Nuclear Coffee VideoGet application used to load into memory.👇
April 22, 2025 at 10:56 PM
December 12, 2024 at 7:20 AM
Threat Actors Mimic Commander Tool for Windows to Deploy LummaC2 Malware Security researchers at ...

https://cybersecuritynews.com/threat-actors-mimic-commander-tool-for-windows/

#Cyber #Security #News #Threats #cyber #security #cyber #security #news

Threat Actors Mimic Commander Tool for Windows to Deploy LummaC2 Malware
cybersecuritynews.com
February 25, 2025 at 8:37 AM
LummaC2 malware infected millions, stealing sensitive data & enabling $36.5M in fraud. A global operation dismantled its core infrastructure, but vigilance is key as threats persist. Stay secure. #Cybersecurity #MalwareAlert #DataProtection #Infosec snip.ly/a26ej5
Lumma infostealer infected about 10 million systems before global disruption
Cybercriminals used the prolific malware to target individuals and businesses, including Fortune 500 companies, according to the FBI.
snip.ly
May 21, 2025 at 8:57 PM
DOJ just shut down 5 malware domains tied to LummaC2. Hackers shook. Cyber cops out here winning 🕵️‍♂️💻
May 23, 2025 at 11:13 AM
🚔: “MaaS infostealers led in infections in 2024, with LummaC2 dominating command-and-control servers as continuous innovation and law enforcement actions against rivals like RedLine Stealer reshaped the cybercrime ecosystem.”
February 28, 2025 at 4:08 PM
Global takedown of LummaC2 malware seizes thousands of command & control domains, disrupting major cybercrime operation. #Cybersecurity #Malware #Cybercrime
Global Takedown of LummaC2 Malware
www.justice.gov
May 23, 2025 at 2:52 AM
LummaC2 Malware Distributed Disguised as Total Commander Crack
buff.ly
March 28, 2025 at 9:54 AM
Lumma Stealer is Out... of business! A coordinated action led by Microsoft's Digital Crimes Unit, with participation from Bitsight and other partners, has successfully dismantled the operational capabilities of Lumma Stealer (LummaC2), a prominent info...

social.raytec.co
May 22, 2025 at 7:35 AM
I got an advisory from CISA today with information on LummaC2 and some useless IOCs. I don't know if they were sitting on the info until the takedown or what but the quality of the product was abysmal. I hope it's not a predictor of the future of CISA.
May 21, 2025 at 9:07 PM