A recent investigation has unveiled a concerning development in cyber threats, as malicious actors are utilizing the popular gaming and content creator platform Discord to distribute the Lumma Stealer malware. The attackers are exploiting Discord’s content delivery network (CDN) and its application programming interface (API) to create bots that remotely control the malware, with some of these bots sending stolen data to private Discord channels.
Lumma Stealer, which was first detected in August 2022, is being sold as a service on underground forums, with various pricing plans offering different features, and is designed to steal user credentials. Gamers and Discord users are urged to exercise caution and follow security recommendations to protect themselves from this growing threat.
In a concerning twist, Lumma Stealer, an information-stealing malware, is being distributed through the popular gaming and content creator platform Discord. Cybercriminals are leveraging Discord’s infrastructure, using its content delivery network (CDN) to host and spread the malware while employing the platform’s application programming interface (API) to create bots for remote malware control.
Some of these bots are used to transmit pilfered data to private Discord servers, marking a troubling development in cyber threats. Lumma Stealer, written in the C programming language, specializes in stealing user credentials and has gained notoriety for being distributed via Discord’s CDN.
The malware, which first surfaced in August 2022, is now available as a service on underground forums. It is offered under various pricing plans starting at $250 per month, each with specific features. The threat actors behind Lumma Stealer have also shared that the malware can load additional files, which could be used to deliver more malware. The malware’s operators boast about its capability to detect “bots” using artificial intelligence and deep learning, presumably to identify and evade security researchers and emulators.
Gamers and Discord users should exercise caution when interacting with unknown sources, avoid unsolicited messages, and maintain updated antivirus software to protect against the Lumma Stealer malware. Additionally, organizations should prioritize employee training on identifying and preventing social engineering scams to bolster their cybersecurity defenses.
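An added example, not part of the original article: a small triage script that runs over constructed proxy-log lines and flags the two behaviours described above, executable downloads from Discord's CDN and Discord API calls made by a process other than the Discord client or a browser. The log format, hostnames, extension list and process allowlist are assumptions made for the example.

```python
from urllib.parse import urlsplit

# Assumed values, not taken from the article: Discord's public CDN/API hosts,
# a risky-extension list, and the processes expected to call the Discord API.
CDN_HOSTS = {"cdn.discordapp.com"}
API_HOSTS = {"discord.com", "discordapp.com"}
RISKY_EXT = (".exe", ".dll", ".scr", ".msi", ".zip", ".rar", ".7z", ".iso")
EXPECTED_API_CLIENTS = {"discord.exe", "chrome.exe", "msedge.exe", "firefox.exe"}

# Constructed sample proxy log: timestamp, workstation, process, method, URL.
SAMPLE_LOG = """\
2023-10-16T09:12:01Z ws-114 chrome.exe GET https://cdn.discordapp.com/attachments/111/222/holiday.png
2023-10-16T09:14:37Z ws-114 chrome.exe GET https://cdn.discordapp.com/attachments/111/333/Game_Setup.EXE?ex=abc
2023-10-16T09:15:02Z ws-114 game_setup.exe POST https://discord.com/api/v10/channels/444/messages
2023-10-16T09:20:45Z ws-200 discord.exe POST https://discord.com/api/v10/channels/555/messages
2023-10-16T09:21:10Z ws-200 malformed line
"""

def classify(process, url):
    """Return a finding label for one request, or None if it looks routine."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    path = parts.path.lower()  # query string is excluded, case is normalised
    if host in CDN_HOSTS and path.startswith("/attachments/") and path.endswith(RISKY_EXT):
        return "cdn-executable-download"
    if host in API_HOSTS and path.startswith("/api/") and process.lower() not in EXPECTED_API_CLIENTS:
        return "api-call-from-unexpected-process"
    return None

def scan(log_text):
    """Yield (timestamp, workstation, process, label) for each flagged line."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:  # skip lines that do not match the assumed format
            continue
        ts, workstation, process, _method, url = fields
        label = classify(process, url)
        if label:
            findings.append((ts, workstation, process, label))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(*finding)
```

A CDN download followed shortly by an API call from a same-named process on the same workstation, as in the sample, is the pairing worth escalating first.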