The Lumma Stealer infostealer malware is more and more wanted by cybercriminals, based on cybersecurity agency ESET which reported a 369% surge in detections in its telemetry within the second half of 2024.
Lumma Stealer first appeared within the wild in 2022, ultimately showing on the listing of prime ten infostealers detected by ESET merchandise in H2 2024.
The now dominant infostealer targets two-factor authentication (2FA) browser extensions, consumer credentials and cryptocurrency wallets.
Amongst infostealers, the Bratislava-based agency famous that the long-dominant Agent Tesla malware was changed by Formbook.
Generally known as XLoader, Formbook has been energetic since 2016 however continues to be regularly utilized by cybercriminals as a result of as malware-as-a-service (MaaS) it’s beneath fixed growth, famous one malware analyst in ESET’s H2 2024 Risk Report.
In the meantime, regardless of infamous “infostealer-as-a-service” Redline Stealer being taken down by worldwide authorities in October 2024 as a part of Operation Magnus it’s anticipated that its demise will result in the enlargement of different comparable threats, based on ESET.
Alexandre Côté Cyr, ESET Malware Researcher, mentioned in ESET’s H2 2024 Risk Report that the creator of the RedLine infostealer is unlikely to try to resurrect the malware.
“RedLine associates may also in all probability wish to transfer on, since regulation enforcement now has the database with their usernames and last-used IP,” he mentioned.
“All in all, we will anticipate that the facility vacuum left by RedLine’s takedown will result in a bump within the exercise of different MaaS infostealers.”
On ransomware, the agency’s evaluation famous that following the takedown of the infamous LockBit ransomware, a vacuum has been created which is being crammed by different menace actors.
Notably, RansomHub ransomware-as-a-services has develop into dominant within the latter half of 2024. ESET mentioned it has “stacked up a whole bunch of victims by the tip of H2 2024.”
“The second half of 2024 appears to have stored cybercriminals busy discovering safety loopholes and modern methods to broaden their sufferer pool, within the typical cat-and-mouse recreation with defenders. Because of this, we’ve seen new assault vectors and social engineering strategies, new threats skyrocketing in our telemetry, and takedown operations resulting in shake-ups of beforehand established ranks,” commented Jiří Kropáč, ESET Director of Risk Detection.
