Increase in Lumma Stealer Malware and Android SpinOk SDK Spyware, Along with ChatGPT Name Abuses

Blog
Increase in Lumma Stealer Malware and Android SpinOk SDK Spyware, Along with ChatGPT Name Abuses

Here are some key points from the H2 2023 threat report released by ESET, a cybersecurity company:

1. Abuse of the ChatGPT name: ESET has blocked 650,000 attempts to access malicious domains with names referencing the ChatGPT chatbot. Some apps ask users to provide their private API keys for ChatGPT, which can lead to the keys being exposed and misused. Users should be educated on how to detect and avoid browsing suspicious ChatGPT-related websites, as well as secure their private API keys and never share them.

2. Rise of the Lumma Stealer malware: In H2 2023, there was a decline in malicious cryptominers but an increase in cryptostealers, primarily due to Lumma Stealer. This malware targets cryptocurrency wallets, user credentials, and two-factor authentication browser extensions. Lumma Stealer deployment tripled between H1 and H2 2023, and multiple tiers are offered for the malware with varying prices. It shares a code base with other information stealers and is likely developed by the same author. Various distribution vectors are used, including cracked software installations, fake browser update campaigns, and Discord’s content delivery network.

3. Android SpinOk SDK spyware: The SpinOk SDK, initially marketed as a gaming platform to monetize app traffic, was found to act as spyware. It connects to a command and control server to gather data from Android devices, including potentially sensitive clipboard content. It attempts to stay undetected by using device sensors to check if it’s running in a virtual or lab environment. The SDK was incorporated into numerous legitimate Android apps, leading to over 421 million downloads. Google removed the apps once the malicious features were discovered. It highlights the risk of incorporating third-party code and the need for analysis, static analysis tools, and monitoring network traffic.

These risk mitigation tips aim to address the mentioned cybersecurity threats, ensuring user education, secure API key handling, software analysis, and monitoring network traffic for suspicious activity.

Unlock your business potential with our expert guidance. Get in touch now!

Contact us
AI & Neural Networks Applications Big Data and Data Analysis Blockchain Cloud Computing and Services Digital Marketing in IT Digital Transformation E-commerce Technologies GLOBUS.studio GLOBUS.studio IT Consulting and Strategies IT for Businesses IT Security and Cybersecurity Learning Mobile Development News Project Management SaaS Solutions SEO/SMO/SMM Software Development Technologies Uncategorised UX/UI Web Development
Merger-business-connect-adobe.jpg

Exclusive Interview with Abhijit Dubey, CEO of NTT Data on a Global Scale

  • GLOBUS.studio
tr_20240725-best-call-center-software.jpg

Top 6 Call Center Software Programs in 2024

  • GLOBUS.studio
bing-ai-search-jul-24.png

Microsoft is experimenting with incorporating new generative AI search technology into Bing

  • GLOBUS.studio
dice-risk-gamble-adobe.jpeg

Code42, an insider threat specialist, to be acquired by Mimecast

  • GLOBUS.studio
tr_20240724-best-data-science-courses.jpg

7 Top Data Science Courses You Should Take in 2024

  • GLOBUS.studio
Syrian-refugees-Turkey-Getty.jpg

NCA confiscates numerous social media profiles utilized by human traffickers

  • GLOBUS.studio
AdobeStock_781969564_Editorial_Use_Only.jpg

The Ultimate Guide for 2024

  • GLOBUS.studio

Explore More

Your Gateway to Useful Resources