Attention, cybercriminals in action: New Lumma stealer threatens!

Attention, cybercriminals in action: New Lumma stealer threatens!

In the past few weeks, the Cybersecurity landscape has changed rapidly through the discovered, improved version of the malware lumma stealer. Security researchers from Trend Micro report this threatening further development, which is not only more difficult to recognize, but also uses legitimate domains to distract from their true intentions. But what exactly makes Lumma stealer one of the most feared malware of the scene? b2b-cyber-security.de provides interesting insights into the adaptability of this threat.

lumma stealer is not new-this malware has been active since at least August 2022. According to check-point.com, the perpetrators are known for their professionalism under the pseudonym “Shamel”. Lumma is offered as part of Malware-as-A-Service at prices from $ 250 to $ 20,000. This price structure also makes it possible to access inexperienced cybercriminals to access powerful tools for stealing access data.

technologies and tactics of the Lumma stealer

The new version of Lumma offers sophisticated methods to avoid security tests. It is striking that the malware not only steals access data, but also cryptocurrencies and other sensitive information. Your operators use complex tactics, which are often supported by various updates and a modular design in order to adequately adapt to safety analyzes. Lumma is distributed via compromised websites and fake software downloads, a method that enables criminals to get started. The hackers also rely on Cloudflare to blur their digital trace b2b-cyber-security.de.

Another aspect that makes Lumma stealer particularly dangerous are the diverse delivery methods. Phishing attacks have recently developed considerably and are becoming more and more sophisticated. Over 57% of the recognized threats are generated by malware-as-a-service, as the Darkrace Threat Report 2024 shows. These findings illustrate how much cybercrime is professionalized Cloudcomputing-insider.de.

The effects of the takedown operations

In May 2025 there was a great international effort in which Europol, which FBI and Microsoft were involved, came to weaken the infrastructure of Lumma. Despite the success in which almost 2,500 domains were put out of action, the malware was able to quickly adapt their tactics and continue their operations. Experts are disagreed with the long -term consequences. Some believe that Lumma's threat is now lower, while others think that the crème de la crème of cybercrime is still at work and could possibly develop new, even more subtle methods. In any case, the increasing use of Maas tools shows that the cyber environment is constantly evolving check-point.com.