Vol. 1 · Ed. 2026
CyberGlossary
Entry № 708

Lumma Stealer

What is Lumma Stealer?

Lumma Stealer: A subscription-priced Russian-speaking malware-as-a-service info-stealer that emerged in 2022 and became one of the top-three stealers worldwide by 2024, distributed primarily via ClickFix lures and crack sites.


Lumma Stealer (also called LummaC2) is a C-language Windows info-stealer first observed in mid-2022 and rented out as malware-as-a-service in Russian-speaking criminal forums. By 2024 it had become one of the dominant info-stealers worldwide alongside RedLine and StealC, having largely filled the vacuum left by the RedLine and Raccoon takedowns. Its capabilities are typical of the category: theft of browser cookies, saved passwords, autofill data, crypto-wallet files, Discord and Telegram tokens, Steam sessions, and arbitrary files matched against operator-supplied patterns. Lumma is widely distributed via ClickFix fake-CAPTCHA lures, malicious cracks and YouTube tutorials, malvertising, and SEO-poisoned download sites. During 2024–2025 the operator added GenAI-powered command-and-control obfuscation and bundled a loader stage for follow-on payloads such as ransomware. In May 2025 Microsoft Digital Crimes Unit, the U.S. DOJ, Cloudflare, ESET and Europol jointly disrupted Lumma's infrastructure (Operation Endgame), seizing roughly 2,300 domains and disrupting the storefront, though the actor's panel and forks resurfaced within weeks.

  1. A user clicks a fake reCAPTCHA, pastes the offered PowerShell into Run, and a Lumma loader stages the stealer that exfiltrates browser cookies within minutes.

  2. Operation Endgame's May 2025 takedown sinkholes ~2,300 Lumma domains, briefly collapsing the storefront before clones return on bulletproof hosting.

Frequently asked questions

What is Lumma Stealer?

A subscription-priced Russian-speaking malware-as-a-service info-stealer that emerged in 2022 and became one of the top-three stealers worldwide by 2024, distributed primarily via ClickFix lures and crack sites. It belongs to the Malware category of cybersecurity.

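How do you defend against Lumma Stealer?

Defense against Lumma Stealer typically combines technical controls and operational practices, as described in the definition above.

What are other names for Lumma Stealer?

Common aliases: LummaC2, Lumma.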
