Intel Name: Unmasking the evolving threat: a deep dive into the latest version of Lumma infostealer with code flow obfuscation
Date of Scan: April 25, 2025
Impact: High
Summary: Lumma Stealer, first detected in 2022, remains a persistent and evolving threat, frequently adapting its tactics, techniques, and procedures (TTPs) to match emerging trends. Distributed via a subscription-based Malware-as-a-Service (MaaS) model on the dark web, Lumma is built to evade detection by identifying virtual and sandbox environments. It can exfiltrate sensitive data such as browser credentials, email information, cryptocurrency wallet data, and other personally identifiable information (PII) stored within critical system directories.