Introduction
The Lumma Stealer infostealer malware has seen a dramatic increase in activity, particularly following the removal of RedLine Stealer from the cyber threat landscape. This shift has allowed Lumma Stealer to gain prominence among cybercriminals, posing a significant threat to cybersecurity.
Description
The Lumma Stealer infostealer malware has experienced a significant surge in detections [3] [4], with ESET telemetry reporting a 369% increase during the second half of 2024. This rise follows the takedown of RedLine Stealer in October 2024, which created an opportunity for other infostealers, including Lumma Stealer [2] [6], to fill the void in the market.
First identified in 2022 [1] [3], Lumma Stealer has quickly come to rank among the top ten information stealers detected by ESET products and has gained traction among cybercriminals, being involved in several notable malicious campaigns [5]. The malware specifically targets two-factor authentication (2FA) browser extensions [1] [3] [4], user credentials [1] [3] [4], and cryptocurrency wallets [1] [2] [3] [4], positioning it as a notable threat in the evolving cybersecurity landscape.
Furthermore, Lumma Stealer has replaced established malware such as Agent Tesla and Formbook. Formbook, also known as XLoader [4], has been active since 2016 and continues to be developed as malware-as-a-service (MaaS) [4]. As the infostealer landscape shifts [4], it is anticipated that other similar threats will emerge to capitalize on the gaps left by the removal of RedLine Stealer.
Conclusion
The rise of Lumma Stealer underscores the dynamic nature of the cybersecurity threat landscape, where the removal of one threat can lead to the emergence of others. Organizations must remain vigilant, employing robust security measures and staying informed about evolving threats. As the market adapts, it is crucial to anticipate and mitigate potential risks posed by new and emerging infostealers.
References
[1] https://islainformatica.com/infostealers-hutawala-huku-ugunduzi-wa-mwizi-wa-lumma-unaongezeka-kwa-takriban-400-chanzo-www-infosecurity-magazine-com/
[2] https://www.newsminimalist.com/articles/lumma-stealer-detections-rise-nearly-400percent-following-redline-takedown-ea6fbaa6
[3] https://www.infosecurity-magazine.com/news/infostealers-lumma-stealer/
[4] https://osintcorp.net/infostealers-dominate-as-lumma-stealer-detections-soar-by-almost-400/
[5] https://www.uniradiobaja.com/ciencia-tecnologia/eset-presenta-su-reporte-amenazas-2024-n792691
[6] https://www.eset.com/bo/acerca-de-eset/sala-de-prensa/comunicados-de-prensa/articulos-de-prensa/eset-presenta-su-reporte-de-amenazas-2024-redes-sociales-y-deepfakes-cryptostealers-en-macos-infostealers-y-ransomware-como-servicio-entre-los-aumentos-mas-destacados/




