LummaStealer Is Getting a Second Life Alongside CastleLoader

Despite a major law enforcement takedown in 2025, LummaStealer has resurged by leveraging the stealthy CastleLoader and innovative social engineering lures like fake software, media downloads, and ClickFix CAPTCHAs—demonstrating the adaptability and persistence of the MaaS infostealer ecosystem and underscoring the critical need for user awareness and behavioral detection.