News

Hackers Launch Campaign With Hundreds of Fake Reddit Sites to Spread Malware

A newly discovered malicious campaign is targeting users seeking technical advice online by impersonating Reddit and leading unsuspecting visitors to info-stealing malware. According to a report by BleepingComputer, cybercriminals have created close to 1,000 websites designed to look like authentic Reddit pages—a tactic aimed at tricking people into downloading harmful software that can steal personal data and login credentials.

Capitalizing on Reddit’s Popularity

With millions of users relying on Reddit for troubleshooting tips and community support, it’s no surprise that attackers have set their sights on the platform’s massive user base. Many people end up on Reddit when searching for solutions to technical problems, which is exactly where the hackers hope to intercept them.

A researcher at cybersecurity firm Sekoia uncovered the campaign and revealed that the fraudulent Reddit pages are nearly identical to the legitimate site, down to the layout and branding. However, a closer look at the URL often reveals that the sites are anything but the real deal.

“Hackers thrive on urgency,” the Sekoia researcher said. “If people are already stressed about a computer issue, they’re more likely to click on a suspicious link without scrutinizing it.”

From Fake Reddit to Fake WeTransfer

The ruse typically begins with a Reddit-like page posing a tech support question: “Has anyone found a certain tool that fixes [problem X]?” A fake reply then provides a seemingly innocent download link, with another faux user chiming in to thank the poster, further boosting the thread’s credibility.

Clicking that link redirects victims to yet another convincing imposter—this time a WeTransfer look-alike site. Instead of a helpful utility, users end up downloading Lumma Stealer, an info-stealing malware capable of harvesting usernames, passwords, and other sensitive data stored on an infected system.

Lumma Stealer on the Rise

First identified in 2022, Lumma Stealer has gained traction by operating as Malware-as-a-Service, meaning other cybercriminals can rent or purchase it for their own attacks.

“This makes Lumma Stealer easily accessible to less tech-savvy criminals,” explains the researcher. “With costs starting at $250 a month, it’s an inexpensive but highly effective tool for stealing information.”

Once Lumma Stealer lands on a victim’s device, it tries to capture credentials for email accounts, banking portals, and social media. If users reuse passwords across multiple sites—a risky but common practice—hackers can quickly pivot to more accounts.

How the Attackers Find Targets

While the exact method used to draw people to these fake Reddit pages remains unclear, security analysts suspect malvertising (malicious advertising) or direct links sent through email or private messages. In other instances, cybercriminals may rely on typical web searches, hoping to match keywords so their bogus Reddit threads appear in a user’s search results.

Staying Safe from Fake Sites

  1. Inspect URLs Carefully:
    Before clicking any link—especially for tech support—hover over it to check the actual web address. If it looks suspicious or slightly misspelled, steer clear.
  2. Avoid Sponsored Links:
    In popular search engines, malicious ads can appear at the top of the results. Scroll past sponsored placements to find legitimate links.
  3. Use Antivirus Software:
    Install reputable antivirus solutions on your devices—whether it’s the best PC antivirus, Mac antivirus, or mobile protection. This adds an extra layer of security that can often block malicious downloads.
  4. Enable Browser Protections:
    Most modern browsers (Chrome, Firefox, Edge, etc.) include Safe Browsing features to warn you about phishing or malware-laden sites. Consider turning on Chrome’s Enhanced Safe Browsing for extra protection.
  5. Employ a Password Manager:
    Using one of the best password managers helps create and store unique, strong passwords for every account. This way, even if one login is compromised, your other accounts stay safe.

Why It Matters

Fake websites and brand impersonation remain some of the oldest yet most effective tricks in a hacker’s toolbox. By blending into trusted online forums and file-sharing services, criminals lower users’ defenses. As more people use Reddit and similar platforms to solve technical issues, cybersecurity experts are urging everyone to remain vigilant and think twice before clicking.

“Educating yourself—and your friends and family—about the latest scams can make a real difference,” advises the Sekoia researcher. “It only takes one wrong click for cybercriminals to gain access to your most important accounts.”

With these preventative measures in mind, users can continue to leverage Reddit for its wealth of collective knowledge—without falling victim to the latest wave of deceptive malware campaigns.

Leave a Reply

Your email address will not be published. Required fields are marked *