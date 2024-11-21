Read more about Lumma Stealer:

Instant messaging app Telegram is gaining traction as a malware-spreading platform, according to cybersecurity firm McAfee.

Two McAfee researchers analyzed in a November 20 blog post how Lumma Stealer, one of the most used infostealers, is being distributed on Telegram.

The researchers believe that threat actors have identified the messaging platform as a lucrative distribution vector because it reaches a broad and often unsuspecting audience.

Deploying the infostealer via Telegram also bypasses traditional detection mechanisms.

Lumma Stealer Disguised as Benign Apps

The McAfee researchers identified two prominent Telegram channels distributing Lumma Stealer payloads through cracking software or archived versions of seemingly benign software.

The first channel, named VIP HitMaster Program, has over 42,000 subscribers, and the second, named MegaProgram +, has 8660. Both channels regularly forward each other’s messages.

Indian Telegram users are the most affected by this threat, followed by US and European users.