Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware

Today, CISA and the Federal Bureau of Investigation released a joint Cybersecurity Advisory, LummaC2 Malware Targeting U.S. Critical Infrastructure Sectors.

This advisory details the tactics, techniques, and procedures, and indicators of compromise (IOCs) linked to threat actors deploying LummaC2 malware. This malware poses a serious threat, capable of infiltrating networks and exfiltrating sensitive information, to vulnerable individuals’ and organizations’ computer networks across U.S. critical infrastructure sectors.

As recently as May 2025, threat actors have been observed using LummaC2 malware, underscoring the ongoing threat. The advisory includes IOCs tied to infections from November 2023 through May 2025. Organizations are strongly urged to review the advisory and implement the recommended mitigations to reduce exposure and impact.

Threat Actors Target U.S. Critical Infrastructure with LummaC2 Malware

Share This Article

About the Author: CISA News

Related Posts

Russian GRU Cyber Actors Targeting Western Logistics Entities and Tech Companies

CISA Releases Twenty-Two Industrial Control Systems Advisories

Update to How CISA Shares Cyber-Related Alerts and Notifications