This article provides supplementary data for a Lumma Stealer infection originally documented in a SANS ISC diary entry from January 2026. The post includes essential forensic artifacts such as network traffic captures (PCAPs), Indicators of Compromise (IOCs), and malware samples related to the infection and subsequent follow-up activity observed by the researcher.
Security analysts can utilize these resources to study the behavior of Lumma Stealer and the additional payloads delivered during the campaign. The site notes a change in its password scheme for protected archives, instructing users to check the 'about' page for access credentials.