Data privacy and security are crucial in today’s cyber landscape. As cybersecurity threats evolve, information stealers have emerged as one of the most widely used types of malware. According to Kaspersky’s Digital Footprint Intelligence, nearly 10 million devices were compromised by data-stealing malware in 2023. These information stealers target not just organizations but also individual computers. Among the most notorious are Lumma, StealC and RedLine. Tools like these target anything from passwords to financial details and other personal data.

How information stealers work

Information stealers typically enter systems through phishing emails, malicious downloads, or software vulnerabilities. Once inside a device, these programs scan for valuable information, including usernames, passwords, browser data, and files with sensitive information. Some stealers can capture keystrokes from a keyboard and screenshots of your device screen. Attackers can use this data for financial fraud, identity theft, and further cyber-attacks, often selling the information on the dark web.

Key information stealers: Lumma, RedLine and StealC

  1. Lumma Stealer is designed to evade traditional detection methods and often enters the system through phishing and infected downloads. Known for its versatility, Lumma targets passwords, browser cookies, and cryptocurrency wallet details, making it highly valuable for hackers. Lumma can adapt to system environments, which makes it effective for silent data exfiltration without triggering security alarms.
  2. RedLine Stealer, or RedLine, is a sophisticated information-stealing malware that has gained notoriety due to its effectiveness and the breadth of its capabilities. Classified as an infostealer, RedLine is designed to extract sensitive information from infected machines, targeting a wide array of data that can be exploited for malicious purposes. The malware operates as a malware-as-a-service (MaaS), making it accessible to various threat actors who may lack advanced technical skills.
  3. StealC, also known as Stealc, is a type of information-stealing malware that has emerged as a significant threat in the cyber landscape. It is categorized as malware-as-a-service (MaaS) and is believed to have connections to other notable malware families, particularly Vidar. StealC is designed to harvest sensitive data from compromised systems, targeting a wide range of information that can be exploited for malicious purposes.

Defending against information stealers

  1. Use Multi-Factor Authentication: MFA adds an extra layer of security by requiring two forms of identity. Even if attackers obtain your credentials, they are less likely to bypass MFA.
  2. Caution with Phishing: Avoid clicking on links or downloading attachments from unknown emails. Phishing is one of the primary methods used to deploy stealers.
  3. Regular Software Updates: Ensure your device’s operating system, browser, and other software are up to date to prevent hackers from exploiting your machine.

These three methods are practical ways to defend against these malicious attacks. For ongoing updates on emerging cyber threats, resources such as CISA (the Cybersecurity & Infrastructure Security Agency) provide valuable information and guidance. Staying vigilant and adopting proactive measures can help reduce the risk of becoming a victim of information-stealing malware like Lumma, RedLine, and StealC. As these threats evolve, keeping updated on cyber best practices remains essential.

Nationwide is providing this information as part of its Business Solutions Center website content and e-newsletter. The information included on this e-newsletter and the Business Solutions Center website is designed for informational purposes only. It is not legal, tax, financial, or any other sort of advice; nor is it a substitute for such advice. The information may not apply to your specific situation. We have tried to make sure the information is accurate, but it could be outdated or even inaccurate, in parts. It is the reader's responsibility to comply with any applicable local, state, or federal regulations, and to make their own decisions about how to operate their business. Nationwide Mutual Insurance Company, its affiliates, and their employees make no warranties about the information, no guarantee of results, and assume no liability in connection with the information provided.