“traffic, showing the http get request with the associated parameters including the unique identifier and authentication token ( figure 3 ). this traffic pattern represents a new addition to lumma stealer ' s communication repertoire, occurring alongside its traditional c & c prot…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.001Malware
78%
“##er operators : - enhanced evasion - the detailed system profiling allows the malware to identify virtual machines, sandboxes, and analysis environments - improved targeting - operators can selectively deploy payloads based on victim profiles and system capabilities - operationa…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
78%
“##s, or urgent security alerts that trick users into downloading malicious attachments or clicking suspicious links - exercise caution with online advertisements. be wary of clicking on advertisements, especially those offering free software downloads, urgent security warnings, o…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1055.012Process Hollowing
57%
“, 2025, trend ’ s telemetry began to detect a notable uptick in activity associated with lumma stealer, revealing a shift in its targeting strategy as new endpoints emerged as prime targets ( figure 1 ). a key development in this resurgence is the implementation of browser finger…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1071.001Web Protocols
45%
“increase in lumma stealer activity coincides with use of adaptive browser fingerprinting tactics malware increase in lumma stealer activity coincides with use of adaptive browser fingerprinting tactics in this blog entry, trend™ research analyses the layered command - and - contr…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.002Tool
31%
“##er operators : - enhanced evasion - the detailed system profiling allows the malware to identify virtual machines, sandboxes, and analysis environments - improved targeting - operators can selectively deploy payloads based on victim profiles and system capabilities - operationa…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data.