Once-hobbled Lumma Stealer is back with lures that are hard to resist
Summary
Ars Technica reports that Lumma Stealer has revived its operations, using ClickFix bait and CastleLoader to install Lumma on Windows machines. The campaign relies on trusted platforms and memory-resident loaders to evade detection, and it involves large-scale infection and extensive data exfiltration. The piece highlights defender strategies and warnings to avoid fake CAPTCHAs and suspicious download sites.