"LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics"

The "LummaC2" malware has reemerged, infiltrating systems and exfiltrating sensitive data. The infostealer actively abuses PowerShell commands. According to researchers at Ontinue, the latest variant of LummaC2 uses sophisticated tactics. LummaC2, which was first seen on Russian-speaking forums in 2022, is a C-based tool distributed as Malware-as-a-Service (MaaS). New findings on LummaC2's initial attack vector describe its use of obfuscated PowerShell commands that download and execute payloads, often employing Microsoft's Living-off-the-Land binaries (LOLBins) for malicious purposes. This article continues to discuss findings regarding the new LummaC2 variant.

Infosecurity Magazine reports "LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics"

Submitted by grigby1
 

Submitted by Gregory Rigby on