- LummaC2 is an information-stealing malware that uses SEO poisoning techniques to distribute itself.
- It is actively spread disguised as illegal programs such as cracks, keygens, and game hacks on sites like YouTube and LinkedIn.
- Recently, it has been distributed through search engine ads for websites masquerading as Notion, Slack, and CapCut.
- The malware's execution methods are continuously evolving; it is currently distributed as a single EXE file or by using DLL side-loading.
- In its recent variants, LummaC2 abuses the gaming platform ‘Steam’ to acquire C2 domains.
https://asec.ahnlab.com/ko/68023/