New Malware Campaign Distributes Lumma and ACR Stealer via Cracked Software

Published:

spot_img

Rising Threat of Information Stealers: New Malware Campaigns Exploit Cracked Software and MSC Files

Cybersecurity Alert: Surge in Malware Campaigns Targeting Software Users

Feb 24, 2025 – By Ravie Lakshmanan

In an alarming trend, cybersecurity experts are raising red flags over a new malware campaign that preys on users seeking cracked software versions, subsequently delivering information-stealing trojans such as Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) has reported a significant uptick in ACR Stealer incidents since January 2025, with hackers employing advanced techniques to outsmart defenses.

ACR Stealer utilizes a method known as “dead drop resolver,” extracting command-and-control (C2) server addresses via legitimate platforms like Steam and Google Forms. “Threat actors encode the C2 domain in Base64 on a specific web page,” ASEC revealed. “The malware decodes this to execute malicious actions,” heightening the challenge for security protocols.

The malware has evolved from earlier distributions via Hijack Loader, now capable of siphoning vast amounts of sensitive information, including browser data and cryptocurrency wallets. ASEC also highlighted another disturbing development: the emergence of files with an "MSC" extension, designed to exploit vulnerabilities in Microsoft’s Management Console, unleashing the Rhadamanthys stealer upon execution.

This threat landscape is compounded by a recent Hudson Rock report indicating that over 30 million systems have fallen victim to such stealers in recent years, resulting in the theft of vital corporate credentials. With cybercriminals offering stolen access for a mere $10, the implications for sensitive sectors are grave, especially within defense and military domains.

As malware tactics continue to diversify, experts urge organizations to enhance their cybersecurity measures. The rise in these sophisticated threats underscores a vital need for vigilance in digital environments, where compromised credentials can lead to catastrophic breaches.

spot_img

Related articles

Recent articles

Hackers Expose 19,000 Files, Including Nuclear Blueprints, from India’s Largest Plant on Dark Web

Hackers Expose 19,000 Files, Including Nuclear Blueprints, from India's Largest Plant on Dark Web A significant cybersecurity breach has emerged involving the Kudankulam Nuclear Power...

Australia-India PACTS Advances Cybersecurity and Technology Cooperation

Australia-India PACTS Advances cybersecurity and Technology Cooperation Australia and India have launched the Australia-India Partnership on Cyber, Critical Technologies, and Supply Chains (PACTS), a strategic...

Microsoft’s July Patch Tuesday Unveils Critical Exploits Amidst 622 Vulnerabilities

Microsoft's July Patch Tuesday Unveils Critical Exploits Amidst 622 Vulnerabilities Microsoft's recent Patch Tuesday has revealed significant vulnerabilities, with two of them already being exploited...

Enshi Suobuya Stone Forest Boosts Cultural Experiences for Southeast Asian Tourists

Enshi Suobuya Stone Forest Boosts Cultural Experiences for Southeast Asian Tourists ENSHI, CHINA - As China continues to refine its inbound visa-free policies, the Suobuya...