The National Cyber Security Centre (NCSC) of New Zealand has issued an extraordinary warning on October 3, 2022 to some 26,000 people about their personal devices having been infected with malicious software. According to the agency’s warning, the software, called “Lumma Stealer,” has led to a major disruption to New Zealand’s digital security environment.
It is customary for the NCSC to provide alerts about threats to national security level organizations only. The agency has now contacted individual consumers directly because of the large scale of this infection. Lumma Stealer is a high end malware program that steals personal and financial data from breached devices through stealthy techniques.
This highlights a huge risk for individuals affected by the malware, as it targets their most crucial information, including financial data and sensitive details. The NCSC confirmed that multiple compromised credentials involved government agencies and banks, prompting an immediate and thorough public response.
The rise of Lumma Stealer and cybercrime commercialization
Michael Jagusch, COO of NCSC, stated that the malware Lumma Stealer—the focus of the alert—is not a state-sponsored tool of the NSC. He believes that it does represent a dangerous example of how the cybercrime industry is continuing to grow in its commercialisation.
Historically, high-impact malware attacks required significant amounts of technical resources and expertise to execute. Recently, the cybercrime environment has developed into an ecosystem where basically any individual with internet access can now find and buy sophisticated malware online via dark web marketplaces.
Also, the digital evolution of cybercrime has allowed more people than ever to enter the world of cybercriminals. It has also resulted in an increase in the number of threat actors who have access to tools they would not have had access to before.
Cybercriminals designed Lumma Stealer for malicious activities targeting devices that use the Microsoft Windows operating system. To achieve this, it will extract numerous different types of sensitive data such as user emails, credentials and passwords. The software basically collects details that individuals can use to access many different online services, including banking, social media, and other websites.
Mr. Jagusch further explains that the ultimate intended purpose of the cybercriminals using the application is for financial theft from victims’ bank accounts. On the other hand, he added that they can also use the information in many other ways, including creating more personalized attacks against the user.
Urgent call to action and securing digital footprints
Due to the extremely high number of affected New Zealanders, the NCSC and its partners mobilized to manage the fallout and assist victims through the remediation process. The NCSC has collaborated with government organizations and financial institutions to provide protection for impacted customers.
For the public, a critical step in securing digital footprints involves practicing robust cybersecurity hygiene, which includes using strong, unique passwords, enabling multi-factor authentication, and securing internet connections with reputable tools such as a Virtual Private Network (VPN), especially on public or unsecured Wi-Fi.
However, this is the first occasion on which the NCSC has conducted direct email outreach to 26,000 users, a stark reminder for the public to be vigilant against all forms of cyber-fraud, especially during periods of heightened risk like the holiday season when scammers are most active.
