Microsoft and law enforcement have announced a court-authorized takedown of Lumma, a prolific info-stealer malware operation found on more than 394,000 Windows PCs globally, mostly in Brazil, Europe, and the United States.
The tech giant took civil action to ask a federal court to seize 2,300 domains that served as the malware’s network of command and control servers. The Justice Department also seized five domains used to operate the Lumma infrastructure.
The Lumma password stealer can be found in dodgy games or cracked apps downloaded from the internet. Once infected, the malware steals logins, passwords, credit cards, and cryptocurrency wallets from the victim’s computer, which are sold to other cybercriminals. Lumma also serves as a backdoor for hackers who want to drop additional malware, like ransomware.
Password-stealing malware like Lumma have been linked to cyberattacks used to steal huge amounts of data from tech companies, like PowerSchool and Snowflake.
