Do this if you suspect Lumma Stealer infection

The notorious malware is known to steal passwords, browsing history, and even cryptocurrency.

A new way of spreading a notorious piece of malware has come to the attention of the Cybersecurity Center. Dmitry Tishenko

In its weekly review, the Cybersecurity Center of the Finnish Transport and Communications Agency Traficom warns about the Lumma Stealer malware, which has made headlines before and was developed to steal data from infected devices. The stolen information can be sold on for use in data breaches or phishing.

According to the authorities' findings, Lumma Stealer, which is popular with cybercriminals and is also known as LummaC2, has been distributed during the autumn through, among other channels, pop-up ads on websites, fake search engine results and direct e-mail.

Helina Turunen, a special expert at the Cybersecurity Center, says in the announcement that the notorious malware has also been spread in ways that do not look to users like malware distribution.

– You have to be especially careful with websites that ask you to execute commands on your own device, the real effect or origin of which you don’t necessarily understand, says Turunen.

According to reports made to the Cybersecurity Center, users have been lured into copying text from websites into the Windows command prompt, which installs the malware. The term ClickFix is used for the method.

The Windows command line is a powerful tool when used correctly, but it might be better to leave it alone if you don’t know what you’re doing.

In October, it was reported that Lumma Stealer is the most common malware in Finland and the fourth most common in the world.

– The development of data-stealing malware shows that cybercriminals are constantly renewing their methods and utilizing innovative attack methods, Research Director at Check Point Software Maya Horowitz said in a statement in October.

Do this if you suspect infection

If you suspect that your device is infected, you should check the system with anti-virus software.

After this, you should change the passwords of the services used on the device and, in addition, log out of all such services where you are currently logged in. The implementation of two- or multi-step authentication also provides additional protection.

The Cybersecurity Center recommends that organizations reduce the risk of malware being installed by preventing the use of the command line and PowerShell for accounts with basic user credentials.
