Cybercriminals are leveraging hundreds of fake Reddit and WeTransfer websites to distribute the Lumma Stealer malware.
These deceptive websites mimic the appearance of legitimate platforms, tricking users into downloading malicious payloads. For instance, the fake Reddit sites display fabricated discussion threads where users appear to be assisting each other with downloading files.
The thread creator asks for help downloading a specific tool, another user offers to help by uploading it to WeTransfer and sharing the link, and a third user thanks them, which makes the whole exchange appear legitimate.
These threads often link to fake WeTransfer pages, which then redirect users to download the Lumma Stealer malware.
Lumma Stealer is a sophisticated info-stealer known for its advanced evasion techniques and data theft capabilities. It can steal sensitive information such as passwords, cookies, and other credentials, potentially allowing attackers to hijack accounts and gain access to valuable data.
This campaign highlights the ongoing threat of social engineering and the importance of critical thinking when interacting with online content. Users are advised to be wary of unsolicited downloads and to verify the authenticity of websites and messages before clicking on any links.
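The lure chain described above (a lookalike Reddit thread that links to a lookalike WeTransfer page) can be hunted for in web proxy logs. The following Python is an added example, not taken from the original report: the `<referrer> <url>` log format, the allowlist of genuine domains, the 0.85 similarity threshold and every `.example` hostname are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Assumption: the only domains treated as genuine for each brand; extend as needed.
BRANDS = {"reddit": ("reddit.com",), "wetransfer": ("wetransfer.com",)}

def impersonated_brand(url):
    """Return the brand a hostname imitates, or None if genuine or unrelated."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    for domains in BRANDS.values():
        # Exact match or a true subdomain; "reddit.com.login.example" fails this.
        if any(host == d or host.endswith("." + d) for d in domains):
            return None
    for label in host.split("."):
        parts = label.split("-") + [label.replace("-", "")]
        for brand in BRANDS:
            for part in parts:
                # Substring catches "wetransfer-files"; the ratio catches typos.
                if brand in part or SequenceMatcher(None, brand, part).ratio() >= 0.85:
                    return brand
    return None

def triage(log_lines):
    """Return (severity, url) pairs for proxy lines of the form '<referrer> <url>'."""
    hits = []
    for line in log_lines:
        referrer, url = line.split()
        src, dst = impersonated_brand(referrer), impersonated_brand(url)
        if src == "reddit" and dst == "wetransfer":
            hits.append(("high", url))    # full chain: fake thread -> fake share page
        elif dst:
            hits.append(("medium", url))  # lookalike host reached some other way
    return hits

# Constructed sample log; the .example hosts are made up for illustration.
SAMPLE_LOG = [
    "https://www.reddit.com/r/software/ https://wetransfer.com/downloads/abc",
    "https://reddit-thread.example/post/1 https://wetransfer-files.example/get",
    "- https://redit.example/r/help",
    "https://search.example/ https://reddit.com.login.example/",
    "https://news.example/ https://creditunion.example/",
]

if __name__ == "__main__":
    for severity, url in triage(SAMPLE_LOG):
        print(severity, url)
```

Matching on a dot boundary rather than a plain substring is what separates a genuine subdomain from a host that merely embeds the brand name, and the threshold is set so that unrelated words such as "credit" are not flagged.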