Dissecting Lumma Malware: Analyzing the Fake CAPTCHA and Obfuscation Techniques – Part 2
In Part 1 of our series on Lumma Stealer, we explored the initial attack vector through a fake CAPTCHA page. We observed how the malware deceives users into downloading and executing malicious payloads. In this second part, we delve deeper into the technical details of the Lumma Stealer’s loader, focusing on its obfuscation techniques and how it […]
The journey into Mac OS infostealers
In the past weeks I interviewed some of the Mac OS malware operators that are most known in the wild. Mac OS infostealers are still a trend and a to-be-known thing that I started investigating thanks to the honest words of the people around these products; this wouldn’t have been possible without the insights of the […]
Cybersecurity Researcher Loses £10,000 in Infostealer Financial DDoS Attack
Recently, Rasta Mouse, a well-known cybersecurity researcher and founder of Zero-Point Security Ltd, became the target of an alarming attack that resulted in a staggering loss of £10,000. This incident, which took place while he was selling cybersecurity courses through his company’s website, highlights a new dimension of financial DDoS attacks that combine elements of […]
Infostealer Infections Shed Light on FBI’s Most Wanted Criminals
According to the FBI’s most wanted list, Mujtaba Raza and Mohsin Raza are wanted for allegedly operating a fraudulent online business based in Karachi, Pakistan. Since at least 2011, the business known as SecondEye Solution (SecondEye), aka Forwarderz, allegedly sold digital images of false identity documents including passports, driver’s licenses, bank statements, and national identity cards […]
The silent heist: cybercriminals use information stealer malware to compromise corporate networks
Context: Information stealer malware steals user credentials and system information that cybercriminals exploit, predominantly for monetary gain. Information stealers have been observed in cybercrime attacks against multiple organisations and sectors worldwide, including Australia. This publication provides readers with cyber security guidance on information stealer malware, including threat activity and mitigation advice for organisations and their […]
Malicious mods: the Sims 4 infostealer threatens gamers’ security
Overview: At the end of January 2024, a newly registered profile with a name very similar to that of a famous modder (PimpMySims4) uploaded a mod file to a mod community platform (ModTheSims). This mod was claimed to be an updated version of a game mod for The Sims 4. A few days later, a newly […]
Ransomware in the Cloud: Scattered Spider Targeting Insurance and Financial Industries
Executive Summary: EclecticIQ analysts have conducted in-depth research on ransomware operations, focusing on attacks targeting cloud infrastructures within the insurance and financial sectors. Based on the analysis, the infrastructure and methodologies observed, particularly the automated generation of phishing pages, strongly align with the SCATTERED SPIDER activity cluster [1]. SCATTERED SPIDER frequently uses phone-based social engineering techniques like […]
EXPOSED: OnlyFans Hack Gone Wrong – How Cyber Criminals Turn into Victims Overnight
In a twist of digital irony, the cyber underworld is facing an unexpected reckoning. Veriti’s cyber research team has uncovered a sophisticated operation that’s turning aspiring OnlyFans hackers into victims, demonstrating that in the ruthless domain of cybercrime, today’s predator can swiftly become tomorrow’s prey. On a notorious hacking forum, a user named Bilalkhanicom dangled […]
Data Exploration – Shedding Light on Sanctioned Entities (Hudson Rock)
Hudson Rock’s data exploration capabilities allow for seamless analysis of massive amounts of assets associated with Infostealer infections. In this example, we analyze all domains associated with companies sanctioned by OFAC and even discover companies that should be sanctioned but aren’t. Full blog – https://www.infostealers.com/article/infostealer-malware-infections-shed-light-on-sanctioned-entities-reveals-new-targets-for-global-crackdown/ Hudson Rock’s database, containing tens of millions of infected computers […]
Anatomy of a Lumma Stealer Attack via Fake CAPTCHA Pages
As of late August 2024, attackers have been using fraudulent “human verification” pages to trick users into executing a malicious PowerShell script. This blog post will explore the full attack vector, detailing how the malware is delivered and executed, and the indicators of compromise (IOCs) involved. Lumma Stealer is designed to exfiltrate sensitive information such as […]
The Dark Truth About Infostealers: Why You Should Not Always Trust Antivirus with Leonid Rozenberg
Check out our latest interview featuring Leonid Rozenberg, where he speaks with Boris Agranovich on the Risk Management Show about the growing threat of Infostealers. Tune in on YouTube or Spotify to discover why businesses of all sizes across every industry should be concerned, explore common malware delivery methods, and debunk the TOP 5 misconceptions […]
How to Check if Your Email Has Been Compromised by an Infostealer
Our email accounts are essential repositories of financial and personal data in the digital age. Regretfully, this renders them extremely attractive targets for hackers employing malicious software referred to as infostealers. These sneaky applications are made to stealthily collect private data from compromised devices, including financial information, login credentials, and even keystrokes. What is an […]