Lumma Stealer + Sectop RAT (ArechClient2): Two-Stage Attack Chain via Fake Cracked Software
11h ago · 12 min read · Executive Summary On April 17, 2026, SANS Internet Storm Center documented a Lumma Stealer campaign followed by Sectop RAT (ArechClient2) targeting users searching for pirated software. Attackers used
Join discussion
