LummaC2
Description
(Cofense) Lumma Stealer, also known as LummaC2, is a subscription-based information stealer that was first seen in 2022. It is written in C and has a wide array of capabilities. This malware is primarily used for stealing cryptocurrency wallets and sensitive information such as usernames and passwords. Lumma Stealer also has the ability to deliver additional payloads.
Names
| Name |
|---|
| LummaC2 |
| Lumma Stealer |
Category
Malware
Type
- Info stealer
Information
- https://cofense.com/blog/luxury-hotels-remain-target-of-social-engineering-attack/
- https://securelist.com/crimeware-report-asmcrypt-loader-lumma-stealer-zanubis-banker/110512/
- https://outpost24.com/blog/lummac2-anti-sandbox-technique-trigonometry-human-detection/
- https://perception-point.io/blog/behind-the-attack-lumma-malware/
- https://www.fortinet.com/blog/threat-research/lumma-variant-on-youtube
- https://www.ontinue.com/resource/obfuscated-powershell-leads-to-lumma-c2-stealer/
- https://www.cloudsek.com/blog/unmasking-the-danger-lumma-stealer-malware-exploits-fake-captcha-pages
- https://www.bitdefender.com/blog/hotforsecurity/lumma-stealer-campaign-targets-league-of-legends-world-championship-fans-through-social-media-ads/
- https://blog.qualys.com/vulnerabilities-threat-research/2024/10/20/unmasking-lumma-stealer-analyzing-deceptive-tactics-with-fake-captcha
- https://securelist.com/fake-captcha-delivers-lumma-amadey/114312/
- https://www.mcafee.com/blogs/other-blogs/mcafee-labs/lumma-stealer-on-the-rise-how-telegram-channels-are-fueling-malware-proliferation/
- https://www.cybereason.com/blog/threat-analysis-rise-of-lummastealer
- https://asec.ahnlab.com/en/85699/
- https://www.bleepingcomputer.com/news/security/hundreds-of-fake-reddit-sites-push-lumma-stealer-malware/
- https://www.netskope.com/blog/lumma-stealer-fake-captchas-new-techniques-to-evade-detection
- https://www.trendmicro.com/en_us/research/25/a/lumma-stealers-github-based-delivery-via-mdr.html
- https://www.cloudsek.com/blog/lumma-stealer-chronicles-pdf-themed-campaign-using-compromised-educational-institutions-infrastructure
- https://securelist.com/lumma-fake-captcha-attacks-analysis/116274/
- https://asec.ahnlab.com/en/86435/
- https://www.cybereason.com/blog/threat-analysis-lummastealer-2.0
- https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-141b
- https://blogs.microsoft.com/on-the-issues/2025/05/21/microsoft-leads-global-action-against-favored-cybercrime-tool/
- https://www.justice.gov/opa/pr/justice-department-seizes-domains-behind-major-information-stealing-malware-operation
- https://blog.checkpoint.com/security/lumma-infostealer-down-but-not-out/
Other Information
Uuid
b0283459-01a2-4745-bb9e-3ed188d0f1df
Last Card Change
2025-06-27