
Todd Bishop of GeekWire reports that Microsoft, in partnership with global law enforcement and tech firms, disrupted Lumma Stealer—a major data-stealing malware—by seizing over 2,300 malicious domains. The malware infected nearly 400,000 devices in two months, stealing personal and financial data. Microsoft’s legal action aims to cut off its communication network, and the company continues monitoring for future threats while urging users to stay vigilant and secure their systems. Bishop writes:
Microsoft announced a coordinated effort to hobble Lumma Stealer, a widely used piece of malware known for stealing personal information and enabling ransomware attacks.
The company on Wednesday said it took legal action to seize more than 2,300 malicious domains as part of a larger partnership with the U.S. Department of Justice, Europol, Japan’s Cybercrime Control Center, Cloudflare, and other tech industry players.
From March 16 to May 16 of this year, the malware infected 394,000 Windows computers worldwide, according to a Microsoft blog post by Steven Masada of the company’s Digital Crimes Unit. Lumma Stealer has been used to steal passwords, credit cards, and bank and crypto accounts, hold schools for ransom, and disrupt key services. […]
In its complaint, filed under seal on May 13 in U.S. District Court in Georgia, Microsoft alleged that Lumma Stealer is “the most widely distributed data-stealing malware family in the world,” potentially linked to nation-state activity in addition to ransomware attacks and financial fraud.
Lumma Stealer does not exploit a specific vulnerability in Windows but relies on social engineering techniques to trick users into manually installing the malware. […]
Microsoft says computer users should protect themselves from malware like Lumma by turning on multi-factor authentication, keeping antivirus software up to date, and being careful with email links and attachments.