The Lumma Stealer information stealer’s activity has significantly declined following a doxxing campaign that exposed key members’ personal and operational details. This hit to their infrastructure led to a shift in cybercriminal focus towards alternative infostealers like Vidar and StealC. #LummaStealer #WaterKurita
Keypoints
- Lumma Stealer was sold as malware-as-a-service on underground forums since August 2022.
- Law enforcement disrupted its infrastructure in May, but activity resumed two months later.
- A doxxing campaign revealed personal details of core group members, reducing Lumma Stealer’s activity.
- The group’s Telegram account was compromised, affecting their operational communications.
- Cybercriminals shifted to alternative infostealers like Vidar and StealC following Lumma Stealer’s decline.
Read More: https://www.securityweek.com/lumma-stealer-activity-drops-after-doxxing/