In September 2025, Trend Micro researchers noted a striking decline in new command and control infrastructure activity associated with Lummastealer (which Trend Micro tracks as Water Kurita), as well as a significant reduction in the number of endpoints targeted by this notorious malware.
This sudden drop appears to align with a targeted underground exposure campaign that has put the spotlight on individuals allegedly linked to the Lummastealer operation. Allegedly driven by competitors, this campaign has unveiled personal and operational details of several supposed core members, leading to significant changes in Lummastealer’s infrastructure and communications.
Read more…
Source: Trend Micro
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- UK: Whitehall is at risk from hackers due to poor cyber defences
January 29, 2025
Whitehall departments are at growing risk of being hacked because anti-cyber attack defences are ‘lower’ than thought, an alarming report has found. The inquiry by the National Audit Office (NAO) was branded a ‘wake-up call’ for officials to step-up defences against hostile actors.It identified a shortage of cyber skills within departments and risks posed by outdated ...
- Smiths Group: Shares fall as engineering giant hit by cyber attack
January 28, 2025
Global engineering firm Smiths Group has reported a cyber security incident involving unauthorised access to its systems. Upon detecting the breach, the firm promptly isolated the affected systems and activated its business continuity plans to mitigate disruptions. The company, known for its baggage screening equipment and explosive detectors, is collaborating with cyber-security experts to restore the ...
- The Honeymoon for Cloud Services Is Over
January 27, 2025
The cloud services you rely on are no longer as secure as they used to be. Once seemingly a safe haven for data and applications, attackers are increasingly leveraging cloud services for command and control—and the Symantec Threat Hunter Team predicts an unnerving upshoot in 2025. The Microsoft breach by Russian nation-state actors is one instance ...
- Chinese tech startup DeepSeek says it was hit with ‘large-scale malicious attacks’
January 27, 2025
Chinese tech startup DeepSeek said it was hit by a cyber attack on Monday that disrupted users’ ability to register on the site. The company, whose artificial intelligence chatbot has sent the tech world into a frenzy, said that it had suffered “large-scale malicious attacks” on its services. Registered users could log in normally, DeepSeek said. Read ...
- The British Museum says it is partly closed after a fired employee shut down IT systems
January 25, 2025
The British Museum, the country’s most popular tourist attraction, was partially closed to the public on Saturday after an employee who had been fired broke in and shut down computer systems, museum management said. The museum in central London, which attracts almost 6 million visitors a year, closed its temporary exhibitions and part of its permanent ...
- FBI Agents’ Call And Text Logs Potentially Stolen In Data Breach
January 23, 2025
The FBI has raised alarm that hackers who breached AT&T’s system last year may have stolen months of agents’ call and text logs, which could potentially lead to the identities of anonymous informants connected to investigations. While the hackers did not access the content of conversations, the stolen call log metadata—records of who called whom, when ...