How Cynet Blocked the Latest Lumma Stealer Campaign
Cynet’s Orion Threat Research Team has tracked a large-scale campaign to distribute the Lumma Stealer malware through fake CAPTCHA pages. After monitoring smaller-scale Lumma Stealer circulation for months, Orion observed a significant surge in attempted attacks over the holidays.
What is Lumma Stealer?
Lumma Stealer is an infostealer designed to breach systems and exfiltrate valuable data such as logins, financial records, or crypto wallet credentials. It can be licensed for use through malware-as-a-service models in cybercriminal forums.
How Does This Campaign Work?
In this recently observed campaign, Lumma Stealer was delivered through malicious ads, a tactic known as “malvertising.”
- Malicious ads direct users to a fake CAPTCHA page that asks them to verify they are human.
- Clicking through the fake CAPTCHA verification process initiates the download of Lumma Stealer.
Cynet’s Protection Against Lumma Stealer
Cynet partners and customers are fully protected. The All-in-One Cybersecurity Platform has successfully blocked thousands of Lumma Stealer infection attempts targeting dozens of customers since the campaign launched.
By detecting and preventing Lumma Stealer in the initial stages of each attempted attack, Cynet effectively safeguarded customers’ sensitive information while ensuring their environments remain secure against further compromise.
Why This Matters
These results reflect Cynet’s commitment to complete protection for partners and customers, empowering their teams to focus on their 2025 business goals with confidence. Successful protection against Lumma Stealer also highlights the importance of:
- Proactive security capabilities
- A Zero Trust approach
- Actionable cyber threat intelligence
Staying Ahead of Cyber Threats
Cynet is proud to have provided these protections for customers and partners before the Lumma Stealer campaign began.
The outcomes exemplify how the All-in-One Cybersecurity Platform, which recently achieved 100% Visibility and 100% Detection in the 2024 MITRE ATT&CK Evaluation, makes it easy for MSP and SME cybersecurity teams to stay a step ahead of emerging threats.