
CYFIRMA Research - Fake Telegram Premium Site Distributes New Lumma Stealer Variant

CYFIRMA

CYFIRMA researchers have uncovered a malware campaign that uses a spoofed Telegram Premium site, telegrampremium[.]app, to distribute a new variant of Lumma Stealer.

Key Findings:

• Drive-by download delivers malicious start.exe without user interaction

• Targets browser credentials, crypto wallets, system info

• Employs obfuscation, DGA-based domains, public DNS evasion

• Uses legitimate platforms (e.g., t.me, Steam) for stealthy C2

• Windows-focused, written in C/C++, and uses advanced evasion techniques

Stay vigilant. Threat actors continue to innovate: brand impersonation and drive-by downloads are on the rise.

Link to the Research Report: https://www.cyfirma.com/research/fake-telegram-premium-site-distributes-new-lumma-stealer-variant/


https://www.cyfirma.com/