Thursday, 24 April 2025
26.8 C
Singapore
29.9 C
Thailand
19.5 C
Indonesia
28.8 C
Philippines

Fake Reddit sites are delivering dangerous malware

Hackers use fake Reddit threads and WeTransfer sites to spread Lumma Stealer malware, targeting users with advanced data theft tactics.

According to a report from Bleeping Computer, hackers are spreading a harmful malware called Lumma Stealer by tricking you into clicking on links found in fake Reddit threads. These threads offer solutions to common problems but redirect you to fraudulent websites designed to mimic WeTransfer. Once on these fake sites, you may unknowingly download malicious files.

How the fake sites operate

Security researcher Crep1x from Sekoia.io uncovered nearly 1,000 fraudulent websites being used to spread the malware. Of these, 529 impersonate Reddit, while 407 mimic WeTransfer. To appear credible, these fake sites are crafted with domain names that combine random letters, numbers, and the brand name, typically ending in .org or .net.

A common tactic used by hackers involves creating a fake Reddit thread in which one user claims they need help downloading a specific tool. Another user responds, offering a WeTransfer link to the requested file along with a thank-you message to make it seem authentic. To create a sense of urgency, the post often mentions that the link will expire in two days.

When you click on the link, you are redirected to a website that looks almost identical to WeTransfer but is fake. Downloading the file leads to installing Lumma Stealer, which can compromise your personal information.

Why Lumma Stealer is dangerous

Lumma Stealer is highly advanced and designed to steal your data while avoiding detection. It has been distributed through several methods, including direct messages on social media, search engine optimisation (SEO) poisoning, malicious websites, and even deepfake nude generator sites.

Once the malware is downloaded, it can collect sensitive information, such as login credentials, payment details, and other personal data. The stolen information is then sent to the hackers, putting you at risk of identity theft and financial fraud.

Researcher Crep1x could not confirm precisely how victims initially encountered the fake links. However, the malware payload is hosted on a suspicious site called “weighcobbweo[.]top.”

How to protect yourself

To stay safe, avoid clicking on suspicious links, even if they seem to come from familiar platforms like Reddit or WeTransfer. Always double-check URLs for authenticity and ensure they match the official website’s domain. Installing reliable antivirus software is also essential to help detect and block malware threats.

Hackers continue to develop creative methods to spread malware like Lumma Stealer, so being cautious online is your best defence.

Hot this week

Intel’s new CEO reshapes leadership, promotes AI chief and plans closer work with engineers

Intel CEO Lip-Bu Tan is reshaping leadership, promoting a new AI chief, and aiming for a leaner, more engineering-driven company.

Nvidia rolls out major GPU update to fix crashes and stability issues

Nvidia’s 576.02 update fixes major GPU bugs, boosts stability, and adds support for the RTX 5060 Ti, starting at US$379.

OpenAI looked at Cursor before moving to buy Windsurf for US$3B

OpenAI tried to buy Cursor creator Anysphere before turning to Windsurf for US$3B, showing its urgency to lead AI code generation.

Apple’s iPhone sales drop in China amid growing trade tensions

Apple’s iPhone sales in China fell 9% as local brands grew, and trade tensions created more uncertainty for the smartphone market.

PlayStation Plus prices rise worldwide, including Singapore

PlayStation Plus subscription prices have increased worldwide, including Singapore, with changes affecting new and existing users.

POCO launches entry-level C71 smartphone in Singapore with premium features

POCO launches the budget-friendly C71 smartphone in Singapore, offering premium design, enhanced cameras, and smooth performance at S$109.

NVIDIA uses AI to address climate, wildlife and disaster risks

NVIDIA’s AI tools support climate action, wildlife monitoring, and disaster risk mitigation, with uses spanning sea, land, sky and space.

Netflix raises subscription prices in Singapore again

Netflix again raises subscription prices in Singapore, with new rates for all plans and extra member slots.

GameMax unveils Blade Concept ATX case with bold design and powerful features

GameMax launches the Blade Concept ATX case, which features a striking blade design, RGB lighting, and support for high-end liquid-cooled PC builds.

Related Articles

Popular Categories