Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Hackers Deploy LUMMA via Invoice

December 1, 2023
Reading Time: 1 min read
in Alerts
Hackers Deploy LUMMA via Invoice

In recent cyber threats, hackers have devised a complex strategy, utilizing weaponized invoices to infiltrate trust in financial transactions. This malicious tactic involves embedding malware or malicious links within seemingly authentic payment requests, intending to deceive recipients into unwittingly opening the invoices. Such actions can lead to severe consequences, including potential data breaches, instances of financial fraud, and unauthorized access to sensitive information.

This threat was identified and analyzed by cybersecurity researchers at Perception Point, who uncovered a sophisticated malware dubbed “LUMMA.” The attackers, masquerading as a financial services company, lure targets by sending fabricated invoice emails. These emails prompt recipients to click on a “View & Download Invoice” link. Despite a failed attempt due to an unavailable website, the attackers ensure legitimacy by including a valid link, redirecting users after the initial button click. With hidden malicious payloads behind error pages and innocent-looking URLs, security scans fail to detect the true threat, redirecting users to harmful URLs that automatically download malicious files. The attackers, exploiting vulnerabilities, breached a legitimate website to facilitate this redirect, exposing users to the LUMMA InfoStealer malware.

The sophisticated nature of this attack, including the use of multiple processes like ‘1741[.]exe,’ ‘RegSvcs[.]exe,’ and ‘wmpnscfg[.]exe,’ from unusual folders, adds layers of complexity to the malicious activities. This incident underscores the critical necessity for advanced prevention measures, continuous monitoring, and adopting a multi-layered approach to confront and mitigate the evolving threats posed by cyber attackers in today’s digital landscape.

Read more:

  • Weaponized Invoice Delivers LUMMA Malware
Tags: AttackerCyber AlertCyber Alerts 2023Cyber RiskDecember 2023HackerinfostealerLummaLumma StealerVulnerabilities
ADVERTISEMENT

Related Posts

Fileless Remcos RAT Delivery Via LNK Files

APT28 RoundPress Webmail Hack Steals Emails

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

May 16, 2025
Fileless Remcos RAT Delivery Via LNK Files

Fileless Remcos RAT Delivery Via LNK Files

May 16, 2025
HTTPBot DDoS Threat To Windows Systems

Horabot Malware Targets LatAm Via Phishing

May 15, 2025
HTTPBot DDoS Threat To Windows Systems

Google Patches Chrome Account Takeover Bug

May 15, 2025
HTTPBot DDoS Threat To Windows Systems

HTTPBot DDoS Threat To Windows Systems

May 15, 2025

Latest Alerts

Fileless Remcos RAT Delivery Via LNK Files

FBI Warns of AI Voice Phishing Scams

APT28 RoundPress Webmail Hack Steals Emails

Google Patches Chrome Account Takeover Bug

Horabot Malware Targets LatAm Via Phishing

HTTPBot DDoS Threat To Windows Systems

Subscribe to our newsletter

    Latest Incidents

    Hackers Target Swiss Reserve Power Plant

    Coinbase Insider Attack Exposed User Data

    Cyberattack Hits J Batista Group

    Dior Breach Exposes Asian Customer Data

    Australian Human Rights Body Files Leaked

    Nucor Cyberattack Halts Plants Networks

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial