Bitdefender
LummaStealer Infections Rise Following CastleLoader Campaigns
First seen 12 Feb 2026, 00:29 UTC
•



+2
•84% similarity
•41.3
Share:
Export
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
Browse articles
LummaStealer infections have surged due to social engineering campaigns utilizing the ClickFix technique to distribute CastleLoader malware. This infostealer, operating as a malware-as-a-service platform, had previously been disrupted in May 2025 when law enforcement seized 2,300 domains associated with it.
ThreatCluster AI
Timeline
2025-05-01
Law enforcement seized 2,300 domains linked to LummaStealer
2026-02-11
Surge in LummaStealer infections reported