Cybersecurity firm ESET has reported a significant increase in detections of the Lumma Stealer infostealer malware, noting a staggering 369% surge in the second half of 2024. This rise in popularity among cybercriminals has placed Lumma Stealer among the top ten infostealers detected by ESET products in that period.
Initially emerging in 2022, the Lumma Stealer has now become a dominant force in the realm of infostealers, targeting a wide range of valuable information including two-factor authentication (2FA) browser extensions, user credentials, and cryptocurrency wallets. This malicious software has proven to be a lucrative tool for cybercriminals looking to exploit sensitive data for illicit gains.
In a notable shift in the world of infostealers, ESET has observed the decline of the long-standing Agent Tesla malware, which has been replaced by the increasingly popular Formbook. Also known as XLoader, Formbook has been active since 2016 and continues to be a favored choice among cybercriminals due to its status as a malware-as-a-service (MaaS) platform that undergoes constant development and improvement.
Following the recent takedown of the infamous Redline Stealer by international authorities in October 2024 as part of Operation Magnus, ESET predicts that the void left by its demise will likely lead to the proliferation of other similar threats in the cyber landscape. Alexandre Côté Cyr, ESET Malware Researcher, suggested that the Redline affiliates are unlikely to revive the malware given the scrutiny they now face from law enforcement authorities.
On the ransomware front, ESET’s analysis has highlighted a shift in the landscape following the dismantling of the notorious LockBit ransomware, which has created an opportunity for other threat actors to step in. RansomHub, a ransomware-as-a-service provider, has emerged as a dominant player in the latter part of 2024, accumulating a substantial number of victims by the end of the year.
Reflecting on the developments in the cybersecurity landscape, Jiří Kropáč, ESET Director of Threat Detection, acknowledged the ongoing efforts of cybercriminals to exploit security vulnerabilities and deploy innovative tactics to target unsuspecting victims. The constant evolution of attack vectors, social engineering methods, and the rise of new threats underscore the dynamic nature of cybersecurity challenges faced by organizations and individuals.
As the cat-and-mouse game between cybercriminals and defenders continues, ESET remains vigilant in monitoring emerging threats and collaborating with international partners to disrupt malicious activities and safeguard cyberspace. The evolving nature of cyber threats necessitates a proactive approach to cybersecurity to mitigate risks and protect against potential attacks in an increasingly interconnected digital world.

