← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Tracking LummaC2 Infrastructure with Cats - DomainTools | Start Here. Know Now.
US Department of Justice (DOJ) announced the disruption of the LummaC2 infostealing-malware. This was achieved through sweeping domain seizures in coordination with Microsoft, which resulted in the takedown of over 2,300 domains associated with LummaC2 operations.
Domains down, but adding for tracking and blocking initial compromised sites that lead to these IOCs.
MITRE ATT&CK & Malware Families
MALWARE FAMILIES
Lumma Stealer
Indicators of Compromise (53)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-SHA1 | 1206f4fceeed9f9614f65245cb03916c399e6ec6 | — | 2025-05-30 | |
| FileHash-SHA1 | 2eb2ec01b334bb74109a227fdd57da8398f035cc | — | 2025-05-30 | |
| FileHash-SHA1 | 80b9e0f6a81ab78ee4e01152958e1322e6d7b6fa | — | 2025-05-30 | |
| FileHash-SHA1 | a9f2cf9a6ad5bb2b6cdd0429f124e8f581ada7e6 | — | 2025-05-30 | |
| FileHash-SHA1 | b1677d595e69263c9a8181ba9375b5cdd8cf6e34 | — | 2025-05-30 | |
| domain | belamai.shop | — | 2025-05-30 | |
| domain | blast-hubs.com | — | 2025-05-30 | |
| domain | blastikcn.com | — | 2025-05-30 | |
| domain | cat-are-here.ru | — | 2025-05-30 | |
| domain | cozkeu.shop | — | 2025-05-30 | |
| domain | cyqfuy.shop | — | 2025-05-30 | |
| domain | fabzswingers.com | — | 2025-05-30 | |
| domain | fanlumpactiras.pw | — | 2025-05-30 | |
| domain | fireflypath.shop | — | 2025-05-30 | |
| domain | forestchime.shop | — | 2025-05-30 | |
| domain | gentlestream.shop | — | 2025-05-30 | |
| domain | gewrye.shop | — | 2025-05-30 | |
| domain | happyjourney.shop | — | 2025-05-30 | |
| domain | inbox.eu | — | 2025-05-30 | |
| domain | jonagye.shop | — | 2025-05-30 | |
| domain | kerlalostel.org | — | 2025-05-30 | |
| domain | kittlez.ru | — | 2025-05-30 | |
| domain | leqezuu.shop | — | 2025-05-30 | |
| domain | lingagulidon.com | — | 2025-05-30 | |
| domain | lumdukekiy.shop | — | 2025-05-30 | |
| domain | lumfokim.shop | — | 2025-05-30 | |
| domain | lumjebyhiu.shop | — | 2025-05-30 | |
| domain | lumkecuq.shop | — | 2025-05-30 | |
| domain | lumlacumii.shop | — | 2025-05-30 | |
| domain | lumlideweo.shop | — | 2025-05-30 | |
| domain | lummomusuo.shop | — | 2025-05-30 | |
| domain | lumramavyy.shop | — | 2025-05-30 | |
| domain | lumsuxinya.shop | — | 2025-05-30 | |
| domain | lumtovusao.shop | — | 2025-05-30 | |
| domain | lumzacynuy.shop | — | 2025-05-30 | |
| domain | morningjoy.shop | — | 2025-05-30 | |
| domain | mysticjourney.shop | — | 2025-05-30 | |
| domain | nature-sounds.shop | — | 2025-05-30 | |
| domain | naturewsounds.help | — | 2025-05-30 | |
| domain | ocean-view.shop | — | 2025-05-30 | |
| domain | padxae.shop | — | 2025-05-30 | |
| domain | pannlumz.com | — | 2025-05-30 | |
| domain | pinkipinevazzey.pw | — | 2025-05-30 | |
| domain | rapabuo.shop | — | 2025-05-30 | |
| domain | river-stone.shop | — | 2025-05-30 | |
| domain | rubyfalls.shop | — | 2025-05-30 | |
| domain | rugtou.shop | — | 2025-05-30 | |
| domain | sereneoasis.shop | — | 2025-05-30 | |
| domain | stormlegue.com | — | 2025-05-30 | |
| domain | sunny-beach.shop | — | 2025-05-30 | |
| domain | weponoe.shop | — | 2025-05-30 | |
| domain | winterchill.shop | — | 2025-05-30 | |
| domain | zincaa.shop | — | 2025-05-30 |