LummaC2 Malware and Malicious Chrome Extension Delivered
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY:
In August 2024, eSentire's Threat Response Unit observed a sophisticated attack involving LummaC2 stealer malware and a malicious Google Chrome browser extension. The attack leveraged DLL side-loading to execute a loader that delivered the malware, along with a PowerShell script that installed the extension. The extension manipulated browser activities, stole data such as credentials and crypto wallets, and enabled remote control of infected systems. The infection chain showcased evasive tactics and the ability to dynamically alter web content, highlighting the importance of robust endpoint security, security awareness training, and secure software configurations.
OPENCTI LABELS:
stealer,malware,credentials,crypto,browser,lummac2,extension,control,remote