LummaC2 Malware-as-a-Service (MaaS) reportedly implemented a new anti-sandbox technique which delays detonation until human-like mouse movement is detected. This mechanism makes LummaC2 particularly powerful in preventing sandbox analysis. Nonetheless, there are no reports of the malware altering its signature exfiltration method which leverages HTTP POST request with user agent "TeslaBrowser/5.5," an indicator defenders can monitor in order to assess proactive measures in the event of an incident.
- Clipeus