According to TechRadar , cybersecurity experts Sekoia have just discovered hundreds of fake Reddit and WeTransfer websites designed to spread Lumma Stealer malware. This type of malware is capable of stealing sensitive information such as passwords, financial data and personal information.
Reddit is being spoofed to spread malware that steals data
Sophisticated Reddit impersonation trick
Accordingly, hackers created many fake topics on Reddit, in which users asked about a specific software, the bad guys would post links to fake WeTransfer pages, which contained malicious code disguised as legitimate software.
It is worth noting that the fake software used in this campaign is OpenText Encase Forensic, a specialized tool for digital forensics. This suggests that the attackers may be targeting law enforcement agencies, cybersecurity professionals, or businesses.
Interface of a fake Reddit page with misleading URL
PHOTO: BLEEPING COMPUTER SCREENSHOT
Both the fake Reddit and WeTransfer sites are designed to look very similar to the real sites, using both .org and .net domains to make them look more convincing. However, the download link on the fake WeTransfer site leads to the Lumma Stealer malware.
Sekoia has now published a list of fake websites on GitHub for users to be wary of, see tinyurl.com/fakeredditsites .
To avoid falling victim to this scam, people need to be wary of software download links from unknown sources, especially on social media, and always double-check the URL address before clicking on the link.
Source: https://thanhnien.vn/phat-hien-dien-dan-reddit-gia-mao-phat-tan-ma-doc-185250124225625762.htm
Comment (0)