LummaC2 Malware Abusing the Game Platform 'Steam'

216.73.216.233

LummaC2 Malware Abusing the Game Platform 'Steam'

· Published 26/07/2024 08:25 · Modified 26/07/2024 09:00

Essential information

Published: 26/07/2024 08:25
Modified: 26/07/2024 09:00
Tags: 2024-07-26 data theft infostealer lummac2 vidar
Related entities: 21 observables, 19 techniques (mitre), 2 malware

Description

The report investigates LummaC2, an infostealer malware actively distributed under the guise of illegal software. It highlights LummaC2's tactics of utilizing encrypted strings and abusing legitimate websites like Steam to acquire command-and-control (C2) domains. The malware steals sensitive user data and sends it to the C2 servers. The analysis delves into LummaC2's evolution, distribution methods, encryption routines, and the types of information it targets for theft.

External references

https://asec.ahnlab.com/en/68309/
https://otx.alienvault.com/pulse/66a35d901d64edbeab115298