The sophisticated info-stealer known as Lumma, marketed as Malware-as-a-Service (MaaS) since 2022, has gained traction in the cybercriminal underworld. Lumma’s infection methods are diverse and include phishing emails, trojanized applications, social engineering, and exploited websites. Recently, Lumma has been observed using fake CAPTCHA pages, whereby users are tricked into executing a malicious command, initiating the malware installation process. Lumma continues to grow its presence on dark web marketplaces and Telegram channels.
New Android malware exploits NFC to steal funds instantly
Security experts warn of a new Malware as a Service platform, “Supercard X”, targeting Android devices by exploiting Near Field Communication (NFC) for fraudulent purposes.
