New Rugmi Malware Loader Surges with Hundreds of Daily Detections

A malware loader, named Win/TrojanDownloader.Rugmi by ESET, is being employed to deliver multiple information stealers like Lumma Stealer. The loader’s detection rates rose drastically in October and November 2023. Lumma is disseminated through methods such as fake browser updates and malvertising and has been spotted encapsulated in offerings on Discord. It operates on a malware-as-a-service model, starting at $250/month, with the most premium plan, priced at $20,000, including source code access.