
URL: https://www.mcafee.com/blogs/other-blogs/mcafee-labs/lumma-stealer-on-the-rise-how-telegram-channels-are-fueling-malwar...
Submission: On November 22 via api from IN — Scanned from US



LUMMA STEALER ON THE RISE: HOW TELEGRAM CHANNELS ARE FUELING MALWARE
PROLIFERATION



McAfee Labs

Nov 20, 2024

18 MIN READ

Authored by: M, Mohanasundaram and Neil Tyagi

In today’s rapidly evolving cyber landscape, malware threats continue to adapt,
employing new tactics and leveraging popular platforms to reach unsuspecting
victims. One such emerging threat is the Lumma Stealer—a potent
information-stealing malware recently gaining traction through Telegram
channels. With Telegram’s popularity as a messaging and sharing platform, threat
actors have identified it as a lucrative distribution vector, bypassing
traditional detection mechanisms and reaching a broad, often unsuspecting
audience.

Fortunately, McAfee’s advanced security solutions are equipped to detect and
mitigate threats like Lumma Stealer. Through cutting-edge threat intelligence,
behavioral analysis, and real-time monitoring, McAfee provides robust defenses
against this malware, helping users secure their personal data and digital
assets. In this blog, we will explore the tactics, techniques, and procedures
(TTPs) used by Lumma Stealer, examine its capabilities, and discuss how McAfee
solutions can help safeguard users from this rapidly spreading threat.



 * Telegram channel offering malware disguised as cracked software
 * https[:]//t[.]me/hitbase
 * Notice the high subscriber count of 42k.
 * Last post on 3rd Nov



 * Another example of a Telegram channel offering malware to benign users.
 * https[:]//t[.]me/sharmamod
 * Subscriber count 8.66k
 * Last post on 3rd Nov

 

 * Also notice that the two channels are related: each forwards messages from
   the other’s Telegram channel.
 * McAfee detects this fake cracked software as [Trojan:Win/Lummastealer.SD].
 * Threat prevalence as observed in McAfee telemetry data.
 * India is most affected by this threat, followed by the USA and Europe.



 * This blog will dissect one specific file, CCleaner 2024.rar. The others are
   similar in nature except for the theme.
 * The hash for this file is
   3df7a19969e54bd60944372e925ad2fb69503df7159127335f792ad82db7da0b.



 * The extracted RAR archive contains Microsoft DLL files.



 * Readme.txt contains the link to the Telegram channel.



 * CCleaner 2024.exe is a .NET application.



 * We load the file into dnSpy and check the main function.



 * Here we see two calls to a function, UninitializeBuilder, which decrypts
   the blob of data passed to it (AIOsncoiuuA & UserBuffer) using the
   accompanying key (Alco and key).



 * Decryption key (Alco) and encrypted data (AIOsncoiuuA) for the first call.



 * Decryption key (Key) and encrypted data (UserBuffer) for the second call.



 * Snippet of the decryption function.



 * The decrypted data is saved into the variable uiOAshyuxgYUA.
 * We put a breakpoint at the end of this function and run the program to get
   the decrypted value of each call.
 * For the first call, we get the following decrypted data in memory. It
   contains the names of process injection API calls.



 * We can also see the target program in which the process injection will take
   place, in this case, RegAsm.exe.
 * We can confirm this through the process tree.



 * We let the breakpoint hit again to get the next layer, a decrypted PE file.



 * We can observe the decrypted PE bytes, dump this payload to disk, and inspect
   the next stage.
 * Stage 1 is a Visual C++ compiled file.



 * We checked the payload sections and discovered that it holds encrypted data.



 * Snippet of the decryption loop.



 * Following decryption, the data is written to two files in the AppData Roaming
   folder.



 * The first payload written to the AppData\Roaming folder is the .NET file
   “XTb9DOBjB3.exe” (Lumma_stealer), and the second payload is also a .NET
   file, “bTkEBBlC4H.exe” (clipper).



 * Upon examining both payloads, we observed that they employ the same
   decryption logic as the main file (ccleaner).

Lumma stealer:



 * After dumping the payload from the .NET file, we discovered it is a 32-bit
   GUI Portable Executable.
 * “winhttp.dll” is dynamically loaded into the program using the
   LoadLibraryExW function.



 * Upon inspecting the PE file, Base64-encoded strings were identified within
   the binary.



 * The encoded data is first decoded from Base64 format, converting it back into
   binary. The decoded data is then passed through a decryption routine to
   recover the plaintext.



 * We observe that the plaintext resembles a domain, which is used to establish
   communication with the threat actor and exfiltrate the data.



 * Code snippet for WinHttpOpenRequest:



List of requests made with the POST method:

 * “hxxps://snarlypagowo.site/api”
 * “hxxps://questionsmw.store/api”
 * “hxxps://soldiefieop.site/api”
 * “hxxps://abnomalrkmu.site/api”
 * “hxxps://chorusarorp.site/api”
 * “hxxps://treatynreit.site/api”
 * “hxxps://mysterisop.site/api”
 * “hxxps://absorptioniw.site/api”

Finally, it connects to the Steam Community profile
hxxps://steamcommunity.com/profiles/76561199724331900.

The malware extracts the Steam account name, initially obfuscated to evade
detection, and decodes it to reveal the C2 domain. This step is essential for
establishing a connection between the compromised device and the attacker’s
server, allowing further malicious activity such as data exfiltration and
additional payload delivery. By using this technique, the attackers effectively
bypass basic detection mechanisms, making it harder for traditional security
solutions to identify the communication with the C2 server.
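
A defender-side sketch of hunting for the traffic described above, added here as an example and not code from the McAfee post: it refangs the C2 indicators listed on this page and triages proxy log lines, also flagging Steam Community profile lookups made by processes outside an allowlist. The log format, workstation names, sample lines, the profile ID in them and the allowlist are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Defanged C2 indicators exactly as they appear in this post.
DEFANGED_IOCS = [
    "hxxps://snarlypagowo.site/api", "hxxps://questionsmw.store/api",
    "hxxps://soldiefieop.site/api", "hxxps://abnomalrkmu.site/api",
    "hxxps://chorusarorp.site/api", "hxxps://treatynreit.site/api",
    "hxxps://mysterisop.site/api", "hxxps://absorptioniw.site/api",
    "marshal-zhukov.com",
]
DEAD_DROP_HOST = "steamcommunity.com"
# Assumption: processes expected to browse Steam profiles in this environment.
EXPECTED_STEAM_CLIENTS = {"steam.exe", "steamwebhelper.exe", "chrome.exe",
                          "msedge.exe", "firefox.exe"}

def refang(indicator):
    """Turn hxxp / [.] / [:] notation back into a parseable URL or host."""
    s = indicator.strip().strip("“”\"'")
    s = re.sub(r"^hxxp", "http", s, flags=re.I)
    return s.replace("[:]", ":").replace("[.]", ".")

def host_of(indicator):
    """Return the lower-cased hostname of a (possibly defanged) indicator."""
    s = refang(indicator)
    if "://" not in s:
        s = "//" + s          # bare domain: let urlsplit treat it as a netloc
    return (urlsplit(s).hostname or "").lower()

def matches_host(host, ioc_hosts):
    """Exact or subdomain match; 'notevil.site' must not match 'evil.site'."""
    return any(host == h or host.endswith("." + h) for h in ioc_hosts)

def triage(lines):
    """Return (rule, workstation, process, host) for each suspicious line."""
    ioc_hosts = {host_of(i) for i in DEFANGED_IOCS}
    findings = []
    for line in lines:
        fields = dict(re.findall(r"(\w+)=(\S+)", line))
        url = fields.get("url")
        if not url:
            continue
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        proc = fields.get("proc", "").lower()
        if matches_host(host, ioc_hosts):
            findings.append(("c2-domain", fields.get("host"), proc, host))
        elif (host == DEAD_DROP_HOST and parts.path.startswith("/profiles/")
              and proc not in EXPECTED_STEAM_CLIENTS):
            # Profile lookup by an unexpected process, e.g. the injected
            # RegAsm.exe, fits the dead-drop pattern the post describes.
            findings.append(("steam-dead-drop", fields.get("host"), proc, host))
    return findings

# Constructed sample proxy log lines (not real telemetry).
SAMPLE_LOG = [
    "2024-11-21T10:02:11Z host=WS-014 proc=RegAsm.exe method=POST "
    "url=https://snarlypagowo.site/api",
    "2024-11-21T10:02:40Z host=WS-020 proc=chrome.exe method=GET "
    "url=https://steamcommunity.com/profiles/00000000000000000",
    "2024-11-21T10:03:02Z host=WS-014 proc=RegAsm.exe method=GET "
    "url=https://steamcommunity.com/profiles/00000000000000000",
    "2024-11-21T10:03:05Z host=WS-014 proc=RegAsm.exe method=POST "
    "url=https://cdn.marshal-zhukov.com/api",
    "2024-11-21T10:04:00Z host=WS-031 proc=updater.exe method=GET "
    "url=https://notsnarlypagowo.site/api",
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```
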

 * Snippet of the Steam Community profile:



 * Upon checking the data, we observed that the user’s name was obfuscated
   and had many aliases. The actual_persona_name value is fetched and
   deobfuscated by the code below.



 * Upon de-obfuscation, we found the plain text and its domain
   “marshal-zhukov.com”.

 * Upon establishing a connection, the C2 server responded with configuration
   data in Base64 encoded format. The encoded data is first decoded from Base64
   format, converting it back into binary. The decoded data is then passed
   through a decryption routine to recover the plaintext.



 * Config for collecting wallet information.



 * For Browser information:



 * For FTP and email information:



 * It also collects system information and sends it to the C2.



Clipper:

 * Once we dumped the payload from the .NET file, we found that it was a 32-bit
   .NET executable named “Runtime64.exe.”



 * We load the file into dnSpy and check the main function.



 * It begins by checking the mutex
   (“sodfksdkfalksdasgpkprgasdgrrkgwhrterheegwsdfwef”) to see if it’s
   already running on the machine.
 * Autorun.is_installed: This function checks if the program is set to run on
   system startup. If autorun is not configured, it adds one to enable automatic
   execution on startup.



 * The file sets its hidden attribute to false to remove the hidden status and
   marks itself as a system file to protect it.

 * The ClipboardMonitor.run function uses the following regex patterns to
   match wallet addresses.



 * If it matches, it replaces the clipboard content with the specified address
   to hijack the cryptocurrency.



 * Code snippet for clipboard monitor and replacement:




CONCLUSION

The Lumma Stealer is a stark reminder of the ever-evolving nature of cyber
threats and the rapid adaptability of malware tactics. Its spread through
Telegram channels demonstrates how easily threat actors can exploit popular
platforms to distribute malicious code to a broad audience. With Lumma Stealer
capable of stealing sensitive information and compromising user privacy, the
potential damage it can cause is significant.

In this increasingly dangerous cyber landscape, having robust, up-to-date
protection has never been more crucial. McAfee’s advanced threat detection and
proactive defense mechanisms provide users with a vital safeguard against such
threats. By combining real-time monitoring, behavioral analysis, and continuous
updates to counter new TTPs, McAfee helps users stay one step ahead of malicious
actors. As TTPs evolve rapidly, maintaining comprehensive antivirus protection
is essential to safeguarding personal data, financial information, and privacy.
Staying vigilant and equipped with the proper security solutions ensures that
users are prepared to face the latest threats head-on.

Indicators of Compromise

Telegram channels

 * https[:]//t[.]me/hitbase
 * https[:]//t[.]me/sharmamod

C2

 * marshal-zhukov.com