LummaStealer Infections Rise Following CastleLoader Campaigns

LummaStealer Infections Rise Following CastleLoader Campaigns

First seen 12 Feb 2026, 00:29 UTC BitdefenderBleepingcomputerGround.NewsSecurityaffairs.CoScworld+2 84% similarity 41.3

Article Content

Browse articles
ThreatCluster

LummaStealer infections have surged due to social engineering campaigns utilizing the ClickFix technique to distribute CastleLoader malware. This infostealer, operating as a malware-as-a-service platform, had previously been disrupted in May 2025 when law enforcement seized 2,300 domains associated with it.

ThreatCluster AI

Timeline

2025-05-01
Law enforcement seized 2,300 domains linked to LummaStealer
2026-02-11
Surge in LummaStealer infections reported

Community

Browse all →