Maliciously Crafted Cracked Software Propagates Lumma Stealer via YouTube

Summary:

In an attempt to deceive users into downloading the information-stealing virus Lumma, threat actors are exploiting YouTube videos featuring content related to cracked software. These videos typically include content related to the use of cracked software, accompanied by identical installation instructions. Furthermore, Lumma Stealer was recently discovered to incorporate a new feature, providing persistent Google OAuth access.

Threat Level – Red | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.