Sticky Werewolf Uses Undocumented Implant to Deploy Lumma Stealer in Russia and Belarus

Summary: The threat actor group Sticky Werewolf is conducting targeted attacks in Russia and Belarus aimed at delivering Lumma Stealer malware through a new implant. The group, which Kaspersky calls Angry Likho, uses phishing tactics and sophisticated evasion techniques to compromise organizations, particularly targeting government employees and contractors. Lumma Stealer is capable of harvesting sensitive data from infected devices, including financial information and credentials.

Affected: Organizations in Russia and Belarus

Key points:

  • Sticky Werewolf, linked to previous attacks under the name Angry Likho, uses targeted phishing emails for malware delivery.
  • The Lumma Stealer gathers extensive sensitive information, including banking details and passwords from various applications.
  • The group employs advanced evasion techniques to bypass detection, suggesting a possible overlap with other threat groups.

Source: https://thehackernews.com/2025/02/sticky-werewolf-uses-undocumented.html