Close Menu
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
What's Hot

This smart investing app powered by ChatGPT helps you choose the best stocks for your portfolio

Taylor Swift and Travis Kelce’s wedding vows: What the guests revealed

White House vandalizes Taylor Swift’s wedding with edited MSG sign

Facebook X (Twitter) Instagram
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
Facebook X (Twitter) Instagram
FYMOUS News
  • Start
  • Celebrities
  • Music
  • Influencers
  • Tendencies
  • Exclusives
  • Business & Brands
  • TwinH
  • Spanish
FYMOUS News
Home » Sticky werewolves deploy Lumma Stealer in Russia and Belarus using undocumented implants
Celebrities

Sticky werewolves deploy Lumma Stealer in Russia and Belarus using undocumented implants

By February 28, 2025No Comments3 Mins Read
Share Facebook Twitter Pinterest Telegram LinkedIn Tumblr Email Copy Link
Follow Us
Google News Flipboard
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link

February 28, 2025Ravi LakshmananFinancial fraud / Cyberspy

The threat actor known as Sticky Wearwolf is primarily linked to targeted attacks in Russia and Belarus, and is intended to deliver Lumma Stealer malware using previously undocumented implants.

Cybersecurity company Kaspersky tracks activities under the name Angry Likho. This is said to be a “strong similarity” that awakened to Likho (aka Core Werewolf, Gamacopy, and Pseudogamaderon).

“However, the angry Rikho attacks tend to focus on more compact infrastructure, limited range of implants, and employees of large organizations, including government agencies and their contractors,” the Russian company said.

Cybersecurity

Given the use of fluent Russian in the bait files used to cause infection chains, it is suspected that the threat actor is likely to be native Russian speakers. Last month, cybersecurity company F6 (formerly Cont) described it as “Procrane’s Cyberspie Group.”

The attackers are known to be primarily a single organisation in Russia and Belarus, with hundreds of casualties identified in the former.

Previous intrusion activities associated with the group utilize phishing email as a conduit for distributing various malware families, including Netwire, Rhadamanthys, Ozone Rat, and backdoors known as DarkTrack.

Attack sequences involve the use of spear phishing emails with attachments (such as archive files) trapped in a booby. Among them are two Windows Shortcuts (LNK) files and a legitimate lure document.

The archive file takes malicious activity to the next stage, unlocking complex multi-stage processes, and deploying Lumma Information Stealer.

“The implant was created to serve as a legal open source installer, a Nullsoft Scriptable installation system, and a self-extracting archive (SFX),” says Kaspersky.

It has been observed that the attack incorporates steps to avoid detection by security vendors using emulators and sandbox environment checks, ending or restarting the malware after a 10,000 ms delay.

This overlap makes it more likely that the attackers behind two campaigns share the same technology or the same group.

Cybersecurity

Lumma Stealer is designed to collect system information and installed software information from compromised devices as well as sensitive data such as cookies, usernames, passwords, bank card numbers, and connection logs. You can also steal data from a variety of web browsers, cryptocurrency wallets, Cryptowallet browser extension (metamask), authenticators, and Anydesk and Keepass.

“The group’s latest attacks use Lumma Stealer, which collects a huge amount of data from infected devices, including bank details stored by browsers and Cryptowallet files,” says Kaspersky.

“The group relies on easily available malicious utilities obtained from the DarkNet forum, rather than developing their own tools. The only thing they do is create a mechanism for malware delivery to victims’ devices and create targeted phishing emails.”

Did you find this article interesting? Follow us on Twitter and LinkedIn to read exclusive content you post.

Source link

Follow on Google News Follow on Flipboard
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Previous ArticleThe Biore Frog Project enters the hot phase
Next Article Solar Quality Summit Europe 2025: Guaranteed future growth

Related Posts

Taylor Swift wears Christian Dior couture at her wedding

July 4, 2026

Taylor Swift’s wedding guests wore monochrome gold, red and black

July 3, 2026

Karlie Kloss uses Tove’s Liquid Gold at Taylor Swift’s wedding

July 3, 2026
Add A Comment
Leave A Reply Cancel Reply

Latest Posts

This smart investing app powered by ChatGPT helps you choose the best stocks for your portfolio

Taylor Swift and Travis Kelce’s wedding vows: What the guests revealed

White House vandalizes Taylor Swift’s wedding with edited MSG sign

Madonna “Confessions II” Album Pop-up Shop: Full Details

Trending Posts

Taylor Swift and Travis Kelce’s wedding vows: What the guests revealed

July 4, 2026

White House vandalizes Taylor Swift’s wedding with edited MSG sign

July 4, 2026

Madonna “Confessions II” Album Pop-up Shop: Full Details

July 4, 2026

Subscribe to News

Subscribe to our newsletter and never miss our latest news

Please enable JavaScript in your browser to complete this form.
Loading

Welcome to The FYMOUS, a modern digital media platform dedicated to celebrities, artists, influencers, brands, entertainment culture, and the growing TwinH ecosystem.

We bring audiences closer to the people, stories, trends, and collaborations shaping today’s culture. From exclusive celebrity news and music releases to influencer highlights, brand partnerships, and TwinH activations, The FYMOUS delivers engaging content designed for the next generation of digital audiences.

Castilla-La Mancha Ignites Innovation: fiveclmsummit Redefines Tech Future

Local Power, Health Innovation: Alcolea de Calatrava Boosts FiveCLM PoC with Community Engagement

The Future of Digital Twins in Healthcare: From Virtual Replicas to Personalized Medical Models

Human Digital Twins: The Next Tech Frontier Set to Transform Healthcare and Beyond

Facebook X (Twitter) Instagram Pinterest YouTube
  • Home
  • About The FYMOUS
  • Advertising / Promotion
  • Contact
  • DMCA
  • Privacy Policy
  • Terms
  • Publish News
© 2026 news.fyself. Designed by by fyself.

Type above and press Enter to search. Press Esc to cancel.