Increase in Lumma Stealer Malware and Android SpinOk SDK Spyware, Along with ChatGPT Name Abuses

Here are some key points from the H2 2023 threat report released by ESET, a cybersecurity company:

1. Abuse of the ChatGPT name: ESET has blocked 650,000 attempts to access malicious domains with names referencing the ChatGPT chatbot. Some apps ask users to provide their private API keys for ChatGPT, which can lead to the keys being exposed and misused. Users should be educated on how to detect and avoid browsing suspicious ChatGPT-related websites, as well as secure their private API keys and never share them.

2. Rise of the Lumma Stealer malware: In H2 2023, there was a decline in malicious cryptominers but an increase in cryptostealers, primarily due to Lumma Stealer. This malware targets cryptocurrency wallets, user credentials, and two-factor authentication browser extensions. Lumma Stealer deployment tripled between H1 and H2 2023, and the malware is offered in multiple tiers at varying prices. It shares a code base with other information stealers and is likely developed by the same author. Various distribution vectors are used, including cracked software installations, fake browser update campaigns, and Discord’s content delivery network.

3. Android SpinOk SDK spyware: The SpinOk SDK, initially marketed as a gaming platform to monetize app traffic, was found to act as spyware. It connects to a command and control server to gather data from Android devices, including potentially sensitive clipboard content. It attempts to stay undetected by using device sensors to check if it’s running in a virtual or lab environment. The SDK was incorporated into numerous legitimate Android apps, leading to over 421 million downloads. Google removed the apps once the malicious features were discovered. The case highlights the risk of incorporating third-party code and the need to analyze such code, use static analysis tools, and monitor network traffic.

The risk mitigation tips above address these threats through user education, secure API key handling, software analysis, and monitoring network traffic for suspicious activity.
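One way to act on the network-monitoring advice for point 1, as an added example that is not taken from ESET's report: flag DNS queries whose names reference ChatGPT but do not belong to an allowlisted domain. The log format, the allowlist, and the misspelling list are assumptions, and the sample log lines are constructed.

```python
import re

# Assumption: domains this organisation treats as the genuine service.
ALLOWED_SUFFIXES = ("openai.com", "chatgpt.com")
# Assumption: brand spellings worth flagging, matched after normalisation.
VARIANTS = ("chatgpt", "chatgtp", "chatgbt", "chagpt")
# Undo common digit-for-letter swaps so "ch4tgpt" normalises to "chatgpt".
LEET = str.maketrans({"4": "a", "0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})

def is_allowed(host):
    # Exact match or true subdomain only; "chatgpt.com.evil.example" fails.
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def references_brand(host):
    # Drop dots and hyphens so "chat-gpt" and "chat.gpt" are caught as well.
    squashed = re.sub(r"[^a-z0-9]", "", host.lower()).translate(LEET)
    return any(v in squashed for v in VARIANTS)

def flag_queries(log_lines):
    """Return {client_ip: sorted flagged hostnames} for review or blocking."""
    hits = {}
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed or truncated lines
        _, client, host = parts
        host = host.lower().rstrip(".")  # normalise case and trailing root dot
        if references_brand(host) and not is_allowed(host):
            hits.setdefault(client, set()).add(host)
    return {client: sorted(hosts) for client, hosts in hits.items()}

# Constructed sample in an assumed "timestamp client_ip query_name" format.
SAMPLE_LOG = [
    "2023-11-02T09:14:07Z 10.0.4.21 chatgpt.com",
    "2023-11-02T09:15:40Z 10.0.4.21 chatgpt-free-login.example",
    "2023-11-02T09:16:02Z 10.0.7.9 ch4t-gpt.example.net.",
    "2023-11-02T09:16:30Z 10.0.7.9 chatgpt.com.account-verify.example",
    "2023-11-02T09:17:11Z 10.0.7.9 www.example.org",
    "truncated line",
]

if __name__ == "__main__":
    for client, hosts in flag_queries(SAMPLE_LOG).items():
        print(client, hosts)
```

A keyword match like this is a triage signal for analysts, not a verdict: flagged names still need review before blocking.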
