popup

Cyber Threat Trends

  1. Day Month

Gemelli flickerflypro flickerfly

Summary: 2025/04/29 00:38

First reported date: 2023/09/04
Inquiry period : 2025/04/22 00:38 ~ 2025/04/29 00:38 (7 days), 4 search results

전 기간대비 75% 높은 트렌드를 보이고 있습니다.
전 기간대비 상승한 Top5 연관 키워드는 LummaStealer Lumma Stealer IoC 입니다.
공격기술 MalSpam 도 새롭게 확인됩니다.
기타 clarmodqtop Somebody c&c name Bankas 등 신규 키워드도 확인됩니다.

Lumma is an information stealer written in C, sold as a Malware-as-a-Service by LummaC on Russian-speaking underground forums and Telegram since at least August 2022. Lumma's capabilities are those of a classic stealer, with a focus on cryptocurrency wallets, and file grabber capabilities. - malpedia

참고로 동일한 그룹의 악성코드 타입은 FormBook QakBot RedLine 등 101개 종이 확인됩니다.

Trend graph by period


Related keyword cloud
Top 100
# Trend Count Comparison
1LummaStealer 4 ▲ 3 (75%)
2Lumma 4 ▲ 3 (75%)
3Stealer 4 ▲ 3 (75%)
4clarmodqtop 2 ▲ new
5IoC 2 ▲ 1 (50%)
6Somebody 1 ▲ new
7MalSpam 1 ▲ new
8c&c 1 ▲ new
9name 1 ▲ new
10Bankas 1 ▲ new
11Beogradska 1 ▲ new
12late 1 ▲ new
13biosphxeredigital 1 ▲ new
14malspamming 1 ▲ new
15cartograhphytop 1 ▲ new
16detailed 1 ▲ new
17Report 1 ▲ new
18continuation 1 ▲ new
19Cybereason 1 ▲ new
20equatorfrun 1 ▲ new
21climatologfytop 1 ▲ new
22Operation 1 ▲ new
Special keyword group
Top 5
Malware Type
Malware Type

This is the type of malware that is becoming an issue.

Keyword Average Label
LummaStealer
4 (50%)
Lumma
4 (50%)
Attacker & Actors
Attacker & Actors

The status of the attacker or attack group being issued.

No data.

Attack technique
Technique

This is an attack technique that is becoming an issue.

Keyword Average Label
Stealer
4 (80%)
MalSpam
1 (20%)
Country & Company
Country & Company

This is a country or company that is an issue.

No data.

Malware Family
Top 5

A malware family is a group of applications with similar attack techniques.
In this trend, it is classified into Ransomware, Stealer, RAT or Backdoor, Loader, Botnet, Cryptocurrency Miner.

Threat info
Last 5

SNS

(Total : 4)
  Total keyword

LummaStealer Lumma Stealer IoC MalSpam c&c Report Operation

No Title Date
1Szabolcs Schmidt @smica83
Somebody is using the late Beogradska Banka's name for #malspamming. Attachment looks like a #LummaStealer Sample @abuse_ch https://t.co/jGuqxryHO6 C2: 84.38.132(.)39:7702 @_operations6_ this mail is croatian? https://t.co/stKsTklO4d		2025.04.26
2Konstantin Nikolenko @K_N1kolenko
#LummaStealer #ioc biosphxere.digital cartograhphy.top clarmodq.top climatologfy.top geographys.run topographky.top tropiscbs.live vigorbridgoe.top woodpeckersd.run		2025.04.25
3Virus Bulletin @virusbtn
Cybereason researchers present the continuation of their LummaStealer report, providing detailed insights to assist security analysts in identifying, classifying, containing and eradicating incidents involving LummaStealer. https://t.co/RF6fOgybcM https://t.co/p3V2Q2UdnO		2025.04.24
4Konstantin Nikolenko @K_N1kolenko
#LummaStealer #ioc clarmodq.top climatologfy.top equatorf.run hemispherexz.top latitudert.live longitudde.digital piratetwrath.run quilltayle.live starofliught.top		2025.04.22

News

(Total : 0)

No data.

Additional information

No data
No data
No data
No data
No URL CC ASN Co Reporter Date
1http://185.215.113.19//inc/blackload.exe
LummaStealer 		anonymous2025.04.26
2http://185.215.113.19//inc/broadcom5.exe
LummaStealer 		anonymous2025.04.26
3http://185.215.113.19//inc/mobiletrans.exe
LummaStealer 		anonymous2025.04.26
4http://185.215.113.19//inc/CompleteStudio.exe
LummaStealer 		anonymous2025.04.26
5http://185.215.113.19//inc/lummetc.exe
LummaStealer 		anonymous2025.04.26
View only the last 5
Beta Service, If you select keyword, you can check detailed information.