Home Access

decadmin

  1. Home
  2. decadmin
IMG_9883

Girls of Brum Day!

On Thursday 11th June, Miss Hart took 11 Year 7 Girls to attend the 'Girls of Brum' Day, held at the Alexander Stadium. 

Centred around empowering young girls in all areas of life, but particularly sport, the day consisted of inspirational talks from famous athletes, interactive stalls run by a range of sports organisations, youth clubs and community projects, along with an afternoon of sports workshops.

The girls had the opportunity to learn more about what is available to them in the local area and take part in sports, like cricket, golf and cycling, that they wouldn't normally take part in, and had an amazing time making friendship bracelets, getting glitter tattoos, writing positive affirmations, learning dance routines and more!

Overall, it was amazing day to celebrate what women can do!

General - 06/12/2026
IMG_9877

Year 10 Mock Interviews a Great Success

Our Year 10 students recently took part in a highly successful Mock Interview Day, with over 24 employers and industry professionals generously giving their time to support the event.

Students experienced realistic interview situations, helping them to develop their confidence, communication skills and understanding of employers’ expectations. The opportunity to receive personalised feedback from professionals was invaluable and will help them prepare for future college, apprenticeship and employment opportunities.

The employers were full of praise for our students, commenting on their enthusiasm, politeness and willingness to engage. The feedback received was overwhelmingly positive, with many highlighting the excellent attitudes and potential demonstrated by our young people.

We would like to extend our sincere thanks to all the employers who volunteered their time and expertise to make the day such a success. Their support plays a vital role in preparing our students for the world of work and inspiring their future aspirations.

General - 06/12/2026
Screenshot 2026-06-09 at 10.55.52

British Council International School Award success for Dame Elizabeth Cadbury School

Dame Elizabeth Cadbury School in Bournville has been awarded Intermediate level of the British Council’s prestigious International School Award in recognition of its work to bring the world into the classroom.

The International School Award celebrates the achievements of schools that do exceptional work in international education. Fostering an international dimension in the curriculum is at the heart of the British Council’s work with schools so that young people gain the cultural understanding and skills they need for life and work in today’s world.

Shannon West, Head of UK Schools for the British Council, said: Dame Elizabeth Cadbury's international work has earned the school well-deserved recognition with the British Council International School Award - Intermediate Certificate.

We are proud and delighted to work with this great school. Many thanks to everyone for all their commitment to developing international work and sharing excellent classroom practice and resources. This is enriching education for its pupils, and their excellent collaborative projects with partner schools overseas are bringing the world into their classrooms. International work is key support for developing skills young people need to be globally aware citizens of the future.

Embedding an international ethos across a school can lead to International School Award Accreditation, the highest award level. Schools looking to join this supportive and engaging global network should contact us at the British Council”.

The Award is now available worldwide in countries such as Greece, India, and Nigeria. Over 6000 International School Awards have been presented to successful schools in the UK since the scheme began in 1999.

The International School Award encourages and supports schools to develop:

  • An international ethos embedded throughout the school
  • A whole school approach to international work
  • Collaborative curriculum-based work with international partner schools
  • Year-round international activity
  • Involvement of the wider community
General - 06/09/2026
3

Year 6 Transition Workshop Supports Pupils and Families Ahead of September

We were delighted to welcome Year 6 pupils and their parents and carers to our Transition Workshop on 2nd June focused on attendance and a successful start to secondary school.
As part of our transition process, we carefully review information provided by primary schools alongside national attendance data to identify pupils who may benefit from additional support during the move to secondary school. The workshop was designed as a positive and proactive opportunity to help pupils and families feel confident, supported and prepared for September.
During the evening, parents and carers learned about the importance of strong attendance, positive routines and reading habits in supporting pupils' achievement, wellbeing and confidence. Families also explored our STRIVE values, the support available at DEC, and the wide range of enrichment and leadership opportunities that help pupils feel connected to school. We also discussed common transition challenges and how our attendance, pastoral, SEND and wellbeing teams work closely with families to provide early support where needed.
Meanwhile, Year 6 pupils spent time with our fantastic Year 10 Prefects, who answered questions, shared their experiences and helped pupils feel excited about starting secondary school. The prefects represented the school exceptionally well and many have already volunteered to support future transition events, including Induction Day.
We were incredibly pleased to receive positive feedback from parents and carers following the event. Comments included:
“This evening’s workshop was great. It was useful to learn about the transition period.”
“Lots of support available.”
“My child will be cared for.”
“You understand my worries about the transition.”
“My child really enjoyed his time with the Prefects who are a credit to the school.”
“My child really enjoyed spending time with your Year 10s.”
We would like to thank all families who attended, alongside our Year 10 Prefects and staff, for making the evening such a success. We look forward to continuing to support our incoming Year 7 pupils as they prepare for the next exciting stage of their education.

General - 06/08/2026

Lumma's Rise to Prominence: The Success of the MaaS Model

The landscape of cybercrime is defined by relentless evolution, but few threats demonstrate the sheer adaptability and proliferation of Lumma Stealer. Infostealers, in particular, have become the economic engine of the modern cybercrime ecosystem, moving far beyond simple credential harvesting to encompass deep system reconnaissance and wallet extraction. Recent reports indicate a staggering 369% increase in successful infostealer campaigns globally, cementing their status as a top-tier threat. Lumma, or LummaC2, stands out as a particularly sophisticated Malware-as-a-Service (MaaS) operation that has dominated dark web stealer logs, often commanding over 50% of the market share in recent quarters.

👉 Download here: 👈

This article serves as a deep-dive technical analysis into Lumma Stealer. We will dissect its primary delivery mechanisms, meticulously examine its core capabilities and evasion techniques, map its robust Command and Control (C2) infrastructure, and conclude with concrete, actionable recommendations for security teams tasked with detection and mitigation. For IT security professionals, incident responders, and threat hunters, this analysis provides the necessary intelligence to move beyond simple signature matching and into proactive threat hunting.

Background and Rise to Prominence

Lumma Stealer first gained significant notoriety around August 2022. The malware was developed and managed by the alias "Shamel," who quickly established it as a highly profitable and stable platform for cybercriminals. Unlike bespoke malware, Lumma operates on a true MaaS model, allowing threat actors to leverage a powerful, pre-built, and constantly updated threat without needing extensive development resources.

The monetization structure is impressive, featuring tiered pricing ranging from basic access at $250 to highly customized, premium deployments exceeding $20,000. Crucially, the platform provides a full builder panel, enabling operators to customize the malware's functionality, targets, and appearance. Furthermore, the option to purchase the source code allows sophisticated groups to resell the Lumma framework, maximizing ROI. This accessibility has fueled its adoption across the entire criminal spectrum, from novice threat actors to elite groups such as Scattered Spider and Octo Tempest.

Its widespread adoption confirms its technical superiority and operational resilience. Lumma’s dominance is not merely anecdotal; its logs consistently rank among the highest volume infostealers observed across major dark web marketplaces, validating its effectiveness as a generalized credential and data harvester.

Distribution Vectors and Delivery Techniques

Lumma has moved past relying on single, predictable delivery methods. Its success is predicated on a sophisticated, multi-vector approach that ensures high reach and low friction for the victim. Each vector utilizes tailored social engineering and technical execution to achieve infection.

Phishing Emails

Phishing remains the bread and butter of Lumma’s distribution. Attackers leverage highly convincing, urgent lures—fake invoices, urgent reservation confirmations, HR policy updates, or shipping notifications—to entice victims into clicking a malicious link. A critical element of the Lumma delivery chain is the use of Traffic Direction Systems (TDS), such as Prometheus. These systems allow the threat actor to filter incoming traffic in real-time. If a victim is flagged as high-value (e.g., an executive or a system administrator), the TDS can redirect them to a specialized landing page or bypass typical defenses, ensuring the malware is delivered successfully.

Malvertising

Lumma frequently poisons search engine results and online advertisements. By injecting malicious payloads into search results for high-volume, legitimate software (e.g., "Notepad++ download," "Adobe Reader update"), the threat actors redirect users to cloned, compromised websites. These sites are often visually identical to the original and serve as the initial drop point for the Lumma executable or the trigger for a drive-by download.

Compromised Websites (Drive-by Download)

In this vector, the malware is delivered without the user needing to click anything beyond visiting the page. Threat actors inject malicious JavaScript into the source code of legitimate, high-traffic websites. Advanced Lumma deployments utilize EtherHiding, a technique where the actual malicious code is not hosted on a traditional server but is instead stored and served via a decentralized blockchain network, such as Binance Smart Chain (BSC). This makes the code highly resilient to simple domain blocking and takedown efforts.

The "ClickFix" Technique

This highly effective social engineering flow is one of Lumma’s signature methods. The infection chain proceeds as follows: The victim encounters a fake CAPTCHA, an error message, or a prompt on a malicious landing page. The user, believing they must resolve the issue, copies a malicious command string (e.g., a base64 encoded PowerShell command). The user then pastes this command into the Windows Run dialog (Win + R). Execution of this command launches a PowerShell or mshta instance, which subsequently fetches and executes the core Lumma executable, completing the infection.

Trojanized/Pirated Software

Lumma is also bundled into cracked or pirated applications. This is common in distribution channels for KMS activators, gaming cheats, and automated utilities (e.g., GitHub repos hosting Hamster Kombat automation tools). The malware is discreetly injected into the application package, allowing it to execute upon the user's first run, often without the victim realizing they have installed more than just the desired software.

Malware Capabilities & Technical Analysis

Lumma Stealer is not a simple dropper; it is a highly engineered payload designed for maximum stealth and data exfiltration. The core executable is typically written in C/C++ and utilizes inline Assembly (ASM) routines to optimize performance and evade static analysis.

Persistence & Evasion

Lumma employs multiple techniques to ensure it survives system reboots and avoids detection:

  • Obfuscation: The code is heavily obfuscated using compiler-level techniques, including LLVM transformations and complex Control Flow Flattening. This makes reverse engineering difficult by scrambling the execution path and confusing automated analysis tools.
  • Process Injection: Lumma rarely runs as a standalone process. It commonly uses process hollowing to inject its malicious code into a trusted, running system process (e.g., msbuild.exe, explorer.exe, svchost.exe). This allows the malware to inherit the process's legitimacy and evade basic process monitoring.
  • Stealth Persistence: It establishes persistence via suspicious entries in the Windows RunMRU registry keys, or by injecting itself into legitimate Windows services.

Information Stealing

The scope of data stolen is vast and dictated by a configuration file received from the C2. Lumma can be tailored to target specific data types, but its default configuration is comprehensive:

  • Browser Credentials & Cookies: Full harvesting from Chromium (Chrome, Edge), Mozilla (Firefox), and various proprietary browsers. This includes stored passwords, session cookies, and autofill data.
  • Cryptocurrency Wallets: Extraction of private keys and seed phrases from popular desktop and browser-based wallets (MetaMask, Exodus, Electrum).
  • Application Data: Data from critical business and personal applications, including 2FA extension tokens, VPN configuration files, and Telegram chat histories.
  • System & Document Metadata: Harvesting user documents (PDF, DOCX, XLSX), desktop screenshots, network configuration files, and system environment variables.

C2 Communication

Lumma features a remarkably resilient and layered C2 infrastructure:

  • Hardcoded and Dynamic C2s: The malware maintains a list of hardcoded C2 domains, ensuring that even if one is seized, communication can immediately pivot to another.
  • Fallback Mechanisms: If the primary C2 fails, Lumma possesses intelligent fallback mechanisms, routing communication through legitimate services like Steam profiles (using game API calls) and private Telegram channels.
  • Infrastructure Cloaking: The use of Cloudflare as a ubiquitous proxy service hides the true origin and geographical location of the C2 servers, complicating takedown efforts.
  • Protocol Evolution: Across different versions (v1 through v6), the C2 protocols have evolved, demonstrating constant refinement. Modern versions utilize strong encryption, typically ChaCha20, to secure the exfiltrated data stream between the victim and the C2 server, preventing passive network monitoring from revealing the stolen payload.

Notable Campaigns & the May 2025 Disruption

Lumma’s operational history is marked by continuous high-volume campaigns. For instance, an April 2025 campaign reported by Microsoft targeted Canadian organizations, demonstrating a shift toward enterprise-level deployment rather than just individual users. This campaign specifically focused on leveraging compromised corporate SharePoint sites as delivery vectors, bypassing traditional perimeter defenses.

The most significant event in Lumma's operational history was the massive collaborative takedown operation in May 2025. This effort, spearheaded by Europol, the FBI, and supported by Microsoft threat intelligence, successfully targeted the core infrastructure.

The impact of the May 2025 operation was staggering: approximately 2,300 to 2,500 domains associated with the Lumma network were seized or suspended. The central management panel, the heart of the MaaS operation, was effectively disrupted, and the primary C2 servers were reportedly wiped clean. This single operation temporarily crippled the profitability and operational capability of the Lumma ecosystem.

However, the aftermath has been complex. While the developer, Shamel, has publicly claimed recovery and the ability to relaunch the platform, law enforcement actions continue to sow distrust, noting that the administrators are already "talking" and rebuilding. This demonstrates the operational agility of the threat actors and the difficulty of achieving a permanent kill-switch against a platform like Lumma.

Detection and Mitigation Recommendations

To defend against Lumma Stealer, organizations must move beyond reactive signature updates and implement layered, behavior-based detection and proactive threat hunting. The following recommendations are critical for reducing the attack surface and neutralizing the threat.

Endpoint Detection & Response (EDR) Hunting

Threat hunters should specifically look for the following behavioral indicators:

  • Suspicious Parent/Child Process Relationships: Look for mshta.exe or PowerShell instances spawned by unexpected processes (e.g., Word, Outlook) or for processes executing without a visible command line.
  • Memory Injection: Search for processes exhibiting signs of memory injection, particularly if a legitimate process (like `explorer.exe` or `svchost.exe`) is hosting code from an unusual memory region.
  • Network Beaconing: Identify repetitive, low-volume outbound network connections to unknown external IPs, especially if the traffic is encrypted (indicating C2 communication).
  • File Artifacts: Scan for recently dropped files with suspicious names or those exhibiting high entropy (indicating packed or encrypted payloads).

Strategic Defense Measures

  • Application Control: Implement whitelisting policies to ensure only approved applications can execute, blocking unknown or suspicious executables immediately.
  • Browser Isolation: Utilize browser isolation technologies to sandbox web browsing, preventing drive-by downloads from executing code directly on the host machine.
  • Email Gateway Inspection: Configure gateways to deeply inspect attachments (especially Office documents) for embedded scripts (VBA) that trigger the initial payload delivery.
  • Network Segmentation: Isolate critical assets and segment the network to prevent a successful infection on a low-value endpoint from immediately spreading laterally to the domain controllers.

In conclusion, Lumina is not merely a piece of malware; it is a highly adaptive, professionally maintained platform. Effective defense requires shifting focus from merely blocking known hashes to monitoring and understanding the behavior of the threat.

Uncategorised - 05/08/2026
4

Pupils attend future Lionesses

Pupils from Dame Elizabeth Cadbury School recently had an exciting opportunity to attend a Future Lionesses football Talent ID Day, where they competed in fast-paced 3v3 games against talented players from across Birmingham. The standard of football on display was exceptional, and our four representatives rose to the occasion brilliantly, showcasing skill, determination and teamwork throughout the event.

All four pupils delivered outstanding performances, consistently impressing coaches with their technical ability and game awareness. Their efforts were recognised with a fantastic achievement: each of them has been invited to attend the next round of county trials.

A special mention goes to Alexa, who particularly caught the attention of the England coaching staff. They have expressed a strong interest in following her development more closely and are keen to stay in contact as she continues her football journey.

This is a remarkable accomplishment for all four players and a proud moment for the school. We look forward to supporting them as they take the next steps in their football pathways.

The pupils were:

  • Amelia
  • Kalsi
  • Alexa
  • Ronni
General - 05/07/2026
Happy young Asia businessmen and businesswomen meeting brainstorming some new ideas about project to his partner working together planning success strategy enjoy teamwork in small modern home office.

Year 9 Transition Workshop: Preparing for Success

We were delighted to welcome parents and carers to our Year 9 Transition Workshop on 17th March, focused on supporting pupils as they prepare for the move into Key Stage 4. The session explored the key changes in Year 10, including increased academic challenge, the importance of reading and vocabulary, and how strong routines and independent learning habits underpin GCSE success.

Parents also gained valuable insight into how we support pupils with exam preparation, wellbeing, and access arrangements, alongside practical strategies to support learning at home. A key message throughout the workshop was the significant impact that consistent attendance has on achievement and long-term success.

The feedback from parents and carers was overwhelmingly positive, highlighting how informative and reassuring the session was:

  • “Really helpful in understanding what Year 10 will look like and how I can support at home.”
  • “Clear, informative and gave practical advice we can use straight away.”
  • “It was reassuring to know what support is available for pupils.”

We would like to thank the parents and carers who attended. Workshops like these play an important role in strengthening the partnership between home and school, ensuring every pupil feels confident, supported, and ready for the next stage of their learning journey.

General - 03/19/2026
DEC_SEP_2024_3

A Strong Start for the 1% Club

We are delighted to celebrate the success of the first 12 days of our new 1% Club initiative. An impressive 90 pupils were rewarded on Tuesday 17th March for attending school for 12 consecutive days — an achievement that has already led to a 1% improvement in their attendance.

The 1% Club is designed to show pupils that small, consistent steps can make a big difference. By focusing on short-term goals, pupils are building positive habits that support their learning, wellbeing and overall success in school.

It has been brilliant to see so many pupils rise to the challenge, demonstrating commitment, resilience and a determination to improve. Staff have enjoyed recognising and celebrating these efforts, reinforcing the message that every day in school really does count.

We look forward to welcoming even more pupils into the 1% Club as the initiative continues — well done to all those who have made such a positive start!

General - 03/19/2026
IMG_0209

Attendance Breakfasts

KS3

On Friday 6th March, we were delighted to celebrate the excellent attendance of our Key Stage 3 pupils with an Attendance Reward Breakfast. An impressive 185 pupils were invited after achieving 100% attendance during the six weeks of the Spring 1 half term.

The event was a wonderful opportunity to recognise pupils’ dedication to attending school every day. Staff were proud to celebrate their commitment, highlighting how consistent attendance helps pupils build strong friendships, develop confidence in their learning and make the most of every opportunity school offers.

The atmosphere at the breakfast was incredibly positive, with pupils enjoying the chance to be recognised for their hard work and perseverance. Celebrations like this reinforce our message that every day in school matters and that pupils’ efforts are valued.

Alongside celebrating 100% attendance, we also remain committed to recognising pupils who make improvements to their attendance, ensuring that progress and determination are celebrated across the school community.

A huge well done to all pupils who were invited — an excellent achievement and a fantastic example for others to follow.

KS4

On Thursday 5th March, we were proud to host an Attendance Reward Breakfast for our Key Stage 4 pupils, celebrating those who achieved 100% attendance during the Spring 1 half term. In total, 86 pupils earned an invitation to the event — a fantastic reflection of their dedication and resilience.

The breakfast was a chance for staff to recognise the effort it takes to attend school every day and to celebrate the positive habits that support both academic success and wellbeing. Pupils enjoyed the opportunity to come together, share breakfast with friends, and be acknowledged for their commitment to their learning.

At Dame Elizabeth Cadbury School, we know that strong attendance is key to achieving success, particularly for pupils preparing for their GCSEs. Events like this allow us to highlight the importance of being present every day while celebrating the pupils who consistently demonstrate this commitment.

While this breakfast recognised those with 100% attendance, we also look forward to celebrating pupils who improve their attendance throughout the year, ensuring that effort, progress and determination are always recognised.

Congratulations to all pupils who attended the breakfast — a brilliant achievement and something to be very proud of.

General - 03/09/2026
IMG_9964

World Book Day - Workshops with Dean Atta

Yesterday, as part of our World Book Day celebrations, Dean Atta delivered two fantastic workshops for our pupils. It was a wonderful opportunity for students to meet a published author, especially as many of our Year 8 pupils are currently studying The Black Flamingo.

The sessions were engaging and inspiring, and pupils had the chance to write and share some truly beautiful poems. It was great to see them so enthusiastic about reading and creative writing.

Would it be possible to create a post about the visit for the website, social media, Matrix bulletin, and screens?

"It was also particularly exciting to welcome Dean to the school as he recently won a BAFTA for British Short Animation for the film Two Black Boys in Paradise, which is based on one of his poems. https://www.youtube.com/watch?v=ClFxnrxWw4U

The visit was a real success, and the pupils had an amazing time. Dean delivered engaging workshops with the students, encouraging them to explore their creativity and express themselves through poetry. It was fantastic to see how quickly they embraced the activities and found their voices.

By the end of the sessions, the pupils had produced some truly beautiful and thoughtful poems. Their enthusiasm, confidence, and willingness to share their work made the workshops incredibly special."

General - 03/06/2026

Back to the Blog

Popular Pages

Contact Info

Woodbrooke Road, Birmingham,

West Midlands B30 1UL

Contact Number: 0121 464 4040

enquiry@decschool.co.uk

Monday - Friday: 8:00 am - 4:00 pm

Copyright 2026 © All Rights Reserved

 Privacy Notice

CEOP-1
Loading