Microsoft, in collaboration with law enforcement, executed a takedown of Lumma, an info-stealer malware operation prevalent on over 394,000 Windows PCs worldwide. This operation was particularly rampant in Brazil, Europe, and the US. The tech giant secured a court order to seize 2,300 domains used for Lumma's command and control servers, while the Justice Department confiscated additional infrastructure domains. Lumma lures victims through suspicious gaming and cracked applications, pilfering sensitive information such as login credentials and financial data, which it sells to cybercriminals, indicating connections to significant data breaches in major companies.
The Lumma password stealer can be found in dodgy games or cracked apps downloaded from the internet. Once infected, the malware steals logins, passwords, credit cards, and cryptocurrency wallets from the victim's computer, which are sold to other cybercriminals.
Microsoft and law enforcement have announced a court-authorized takedown of Lumma, a prolific info-stealer malware operation found on more than 394,000 Windows PCs globally, mostly in Brazil, Europe, and the United States.
The tech giant took civil action to ask a federal court to seize 2,300 domains that served as the malware's network of command and control servers. The Justice Department also seized five domains used to operate the Lumma infrastructure.
Password-stealing malware like Lumma have been linked to cyberattacks used to steal huge amounts of data from tech companies, like PowerSchool and Snowflake.
Collection
[
|
...
]