Activity of Rugmi malware loader spikes

Hundreds of cyberattacks a day spread the novel Rugmi malware loader in October and November, a significant increase from the single-digit daily detections of the trojan beforehand, The Hacker News reports. Threat actors have used Rugmi, which contains a downloader for the encrypted payload and two other loaders, to distribute various information-stealing malware, including Vidar, RecordBreaker or Raccoon Stealer V2, Lumma Stealer or LummaC2, and Rescoms, according to a report from ESET. Meanwhile, Lumma Stealer has been noted not only to derive from the codebases of the Vidar, Mars, and Arkei stealers but also to integrate updated functionality for bypassing security systems. "Ready-made malware solutions contribute to the proliferation of malicious campaigns because they make the malware available even to potentially less technically skilled threat actors. Offering a broader range of functions then serves to render Lumma Stealer even more attractive as a product," said ESET.