Tech »  Topic »  Lumma Stealer malware hides in a fake Telegram Premium site, launching without user clicks

Lumma Stealer malware hides in a fake Telegram Premium site, launching without user clicks

5 days, 7 hours ago   techradar.com
  • Lumma Stealer malware hides in a fake Telegram Premium site, launching without user clicks
  • Executable uses cryptor obfuscation to bypass most traditional antivirus scanning techniques entirely
  • Malware connects to real Telegram servers while secretly sending stolen data to hidden domains

A malicious campaign is targeting users through a fraudulent Telegram Premium website, delivering a dangerous variant of the Lumma Stealer malware.

A report from Cyfirma claims the domain telegrampremium[.]app closely mimics the legitimate Telegram Premium brand and hosts a file named start.exe.

This executable, built in C/C++, is automatically downloaded upon visiting the site, requiring no user interaction.

Criminals are using a dangerous fake free VPN to spread malware via GitHub - here's how to stay safeMajor new malware strain targets crypto users via malicious ads - here's what we know, and how to stay safeWatch out - that DeepSeek installer could be damaging malware

A ...


Copyright of this story solely belongs to techradar.com . To see the full text click HERE