EXPOSED: OnlyFans Hack Gone Wrong - How Cyber Criminals Turn into Victims Overnight
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A sophisticated operation has been uncovered that turns aspiring OnlyFans hackers into victims. A user named Bilalkhanicom offered a tool to 'check' OnlyFans accounts on a hacking forum, which turned out to be a delivery system for Lummac stealer malware. This malware, developed by a threat actor known as 'Shamel' or 'Lumma', targets cryptocurrency wallets, 2FA browser extensions, and sensitive information. The malware connects to a GitHub account named 'UserBesty' to download additional payloads. The operation extends beyond OnlyFans, targeting Disney+, Instagram, and botnet aspiring hackers. The malware's architecture hints at potential geopolitical connections, with folder names suggesting global influences. Several recently created .shop domains serve as command-and-control servers for the malware.
OPENCTI LABELS :
onlyfans,lummac stealer
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
EXPOSED: OnlyFans Hack Gone Wrong - How Cyber Criminals Turn into Victims Overnight