LummaC2 is an Infostealer that is being actively distributed, disguised as illegal programs (e.g. cracks, keygens, and game hacking programs) available from distribution websites, YouTube, and LinkedIn using the SEO poisoning technique. Recently, it has also been distributed via search engine ads, posing as web pages of Notion, Slack, Capcut, etc.
Reference: Distribution of MSIX Malware Disguised as Notion Installer
Microsoft has again disabled the MSIX ms-appinstaller protocol handler after multiple financially motivated threat groups abused it to infect Windows users with malware.
Redline Dropped Through MSIX Package, Author&colon
