A brief look at all things infostealers for week 52, 2024 (23.12.2024–29.12.2024). Oh look, this is the last week of the year! For the last week I have 2 updates on Lumma and a minor update on Banshee stealers and, coincidentally, two articles on, wait for it, Lumma again!
You know, I post to this blog with the thought that no one is going to read it or that it will not bring any value to anyone. Posting for the sake of posting, because it sparks joy when I click on publish. However, something interesting happened, which made me pretty happy. A security researcher, Efstratios Lontzetidis, linked one of the infostealer update posts from my blog!
Lumma Update
Note: The update posts are copy-pasted as is (and machine-translated if the post wasn’t available in English).
Update 23.12
- Added autoloading clipper module supporting BTC, ETH, BNB, TRX, SOL, LTC. Available in “Corporate” plan
- Added Bitcoin Armory crypto-wallet collection
- Improved clipboard data collection in Clipboard.txt
- Improved bot detection
- Improved layout on mobile devices
- Fixed collection of video card list in System.txt
- Common proxies have been replaced
- Cleaned WD 10/11 + Cloud
Screenshot from XSS forum
Update 28.12
- Improved search by url
- Fixed SOL address spoofing in clipper
- Replaced common proxies
- Cleaned WD 10/11 + Cloud
Screenshot from XSS forum
Banshee Update
Remember the macOS infostealer named Banshee Stealer, which had its source code leaked at the end of November and briefly stopped/shut down?
On 12th December the developer of the stealer announced on the XSS forum that they are back, have made some changes to the architecture, and are resuming sales of the software (with some discount).
And on 27th December they made a post saying that the project has been sold and that they are no longer the owner.
Screenshot from XSS forum
Articles/News
Lumma 2024: Dominating the Info-Stealer Market
- https://medium.com/@s.lontzetidis/lumma-2024-dominating-the-info-stealer-market-070e7d8fa3d6
Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%
- https://www.infosecurity-magazine.com/news/infostealers-lumma-stealer/