Lumma Stealer Targets League of Legends World Championship Fans

Fake League of Legends Download Ads Spread Lumma Stealer Malware

League of Legends fans beware! A new malware campaign targeting the League of Legends World Championship is spreading rapidly.  Learn how to protect yourself from the Lumma Stealer virus and keep your gaming experience safe.

As the League of Legends (LoL) World Championship heats up (Sept 23–Nov 2, 2024), cybercriminals are taking the opportunity to target unsuspecting fans with malware campaigns. A recent report from Bitdefender Labs warns of a new threat targeting gamers across Europe and has already claimed around 4,000 victims, mostly male adults. 

The malicious campaign is exploiting the excitement surrounding the global esports event. The scam involves carefully crafted social media advertisements that lure fans into downloading what appears to be a legitimate League of Legends game. It is worth noting that the game is already free to play and this is just a trick to lure users. 

Lumma Stealer Targets League of Legends World Championship Fans
One of the malicious League of Legends ads on Facebook discovered by Bitdefender

When the download button is clicked, Lumma Stealer malware is installed, allowing criminals to extract sensitive information such as credit card information, passwords, crypto wallets, and browser session cookies. 

The scam was discovered by Bitdefender Labs’ researcher Ionut Baltariu. As per their findings shared with Hackread.com ahead of publishing on Wednesday, the attackers are using social media platforms to reach League of Legends enthusiasts with ads that promise a free download of the game. Those who fall for the ad are directed to a page mimicking an older version of the League of Legends download page crafted using typosquatting to make it harder to detect.

After clicking the download link, they are directed to a Bitbucket repository containing a malicious archive. The downloaded archive contains an executable and a legitimate Windows file, user32.dll, which serves as a dropper for Lumma Stealer, a dangerous malware part of the MaaS (Malware-as-a-Service) economy. 

The Lumma Stealer Threat:

Lumma Stealer is a powerful data-stealing malware capable of extracting sensitive information from infected devices. Cybercriminals can steal steal social media accounts, and sell stolen data on underground markets, facilitating identity theft and phishing attacks. Also, Lumma injects itself into a legitimate Windows process, bitlockertogo.exe, to remain undetected by antivirus software.

To protect yourself from cybercriminals during the League of Legends World Championship, follow these precautions: double-check website URLs, download from official sources like the official website or Steam, be cautious of online ads that seem too good to be true, and use a strong security solution like a reputable antivirus and security suite. Stay alert against cybersecurity risks to have a safe gaming experience.

  1. Analysis of Top Infostealers: Redline, Vidar and Formbook
  2. LummaC2 Malware Variant Uses Obfuscation to Steal Data
  3. Hacked YouTube Channels Spread Lumma via Cracked Software
  4. PDiddySploit Malware Hidden in Files Revealing Deleted Diddy Posts
  5. LummaC2 v4.0 Steals Data with Trigonometry to Detect Human Users
Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Related Posts