The cybersecurity firm ESET recently reported a significant increase in the detection of the Lumma Stealer infostealer malware, with a staggering 369% surge in detections in its telemetry during the second half of 2024. This malicious software, which first emerged in 2022, has now made its way onto the list of the top ten infostealers detected by ESET products in the latter half of 2024.
What sets Lumma Stealer apart is its focus on two-factor authentication (2FA) browser extensions, user credentials, and cryptocurrency wallets. It has become a go-to choice for cybercriminals looking to gain unauthorized access to sensitive information and financial assets.
Among infostealers, the long-dominant Agent Tesla malware has been overtaken by Formbook, also known as XLoader. Despite being active since 2016, Formbook remains popular among cybercriminals due to its status as malware-as-a-service (MaaS), which means it is continuously evolving and adapting to circumvent detection.
Notably, the infamous RedLine Stealer, known for its “infostealer-as-a-service” model, was shut down by international authorities in October 2024 as part of Operation Magnus. ESET experts predict that the void left by RedLine’s demise will likely be filled by other similar threats in the cybercriminal ecosystem. Alexandre Côté Cyr, a Malware Researcher at ESET, believes that the creator of RedLine is unlikely to revive the malware, as law enforcement now possesses key data that could compromise the identities of RedLine affiliates.
Moreover, ESET’s analysis highlights a shifting ransomware landscape following the takedown of the notorious LockBit ransomware. In its place, RansomHub ransomware-as-a-service has emerged as a dominant player in the latter part of 2024, with hundreds of victims by the end of the year.
Jiří Kropáč, ESET’s Director of Threat Detection, remarked on the evolving tactics of cybercriminals in the second half of 2024. He noted that hackers have been actively seeking out security vulnerabilities and employing innovative strategies to expand their reach. This ongoing cat-and-mouse game with cybersecurity defenders has led to the emergence of new attack vectors, social engineering tactics, and a surge in new threats detected by ESET’s telemetry.
Overall, the cyber threat landscape is constantly evolving, with cybercriminals adapting to stay one step ahead of security measures. ESET’s findings underscore the need for continued vigilance and proactive cybersecurity measures to protect against the ever-changing tactics of malicious actors in the digital realm.

