Hackers use fake Captcha to spread Lumma Stealer malware
According to research from cybersecurity company DNSFilter, hackers are using fake Captcha pages to spread Lumma Stealer malware. This malware, first discovered on a Greek banking website, is downloaded when Windows users follow the on-screen instructions.
How does Lumma Stealer work?
Lumma Stealer is a type of malware specifically designed to steal information, scouring users' devices for sensitive data. Mikey Pruitt from DNSFilter stated that it can steal saved passwords and cookies in the browser, two-factor authentication (2FA) codes, cryptocurrency wallet data, and even remote access information. This data is then used for illegal purposes such as identity theft, account takeover, and theft of assets from cryptocurrency wallets.
The “Malware-as-a-Service” model
Lumma Stealer is a prime example of the "Malware-as-a-Service" (MaaS) model, a sustainable form of cybercrime business. Operators of this model continuously develop and refine their malware to avoid detection and sell access to other attackers through monthly subscription packages at relatively low costs, starting from $250.
Although authorities have made efforts to crack down, such as the U.S. Department of Justice seizing related domains, Lumma Stealer continues to reappear, demonstrating the persistence and danger of this type of attack.