Malware-Traffic-Analysis.net - 2025-02-13: Quick post: ClickFix style infection for Lumma Stealer

2025-02-13 (THURSDAY): QUICK POST: CLICKFIX STYLE INFECTION FOR LUMMA STEALER

NOTES:

Zip files are password-protected. Of note, this site has a new password scheme. For the password, see the "about" page of this website.

ASSOCIATED FILES:

2025-02-13-IOCs-for-ClickFix-page-leading-to-LummaStealer.txt.zip 1.7 kB (1,658 bytes)
2025-02-13-ClickFix-style-copy-past-script-leads-to-Lumma-Stealer.pcap.zip 45.7 MB (45,743,897 bytes)
2025-02-13-traffic-to-www.ridgefieldrecovery_com.saz.zip 41.3 MB (41,301,678 bytes)
2025-02-13-files-and-info-from-the-infection.zip 14.1 MB (14,095,134 bytes)

IMAGES

Shown above: Screenshot of page from the compromised website.

Click here to return to the main page.