“Based on what we are seeing, there is a wide range of cybercriminals that acknowledged that they are using Lumma, such as credit card fraud, early access sale, cryptocurrency theft, and more.”
Among other tools, the Scattered Spider hacking group, which has attacked Caesars Entertainment, MGM Resorts International, and other victims, has been seen using the Lumma stealer. Meanwhile, according to a report by TechCrunch, Lumma malware was allegedly used in the build-up to the December 2024 hack of education tech firm PowerSchool, in which 70 million records were stolen.
“Now we are seeing that infostealers are not only technically prepared, but also play a more central role,” says Well’s Wardley. “Even the actors of the national state are developing and deploying them.”
Ian Gray, director of analysis and research at the security firm Flashpoint, says that while infostealers are only one of the tools that cybercriminals will use, their spread can make it easier for cybercriminals to hide their tracks. Gray says, “Even advanced risk actor groups are taking advantage of infostealer logs, or they are at risk of burning sophisticated strategies, techniques and procedures (TTP).”
Lumma is not the first infostealer to be targeted by law enforcement agencies. In October last year, the Dutch National Police, along with international partners, took down the infrastructure affiliated with the RedLine and MetaStealer malware, and the US Department of Justice accused Maxim Orlenites, one of the alleged developers and organizers of the RedLine infostealer.
Despite the international crackdown, infostealers have proved too useful and effective for attackers to abandon. As Flashpoint's Gray says, “Even if the defense of the landscape eventually changes due to the evolution of defense, the growing importance of infostealers over the past few years shows that they are likely to stay here for the future. Their use has exploded.”
This story originally appeared on Wired.