A worldwide strike on a malware-as-a-service large
LummaC2, additionally recognized merely as Lumma, is a complicated Malware-as-a-Service (MaaS) offered on underground boards since 2022. It permits menace actors to steal login credentials, bank card info, cryptocurrency pockets knowledge, and different delicate digital property.
Within the weblog, Microsoft revealed that between March 16 and Could 16 this yr, it detected over 394,000 Home windows gadgets globally contaminated by Lumma. The malware’s attain spans throughout industries and geographies — from important infrastructure and schooling techniques to monetary establishments and gaming communities.
“Lumma has develop into a go-to device for cybercriminals and ransomware operators, together with the infamous Octo Tempest group,” Microsoft said within the weblog submit, emphasizing the malware’s evasive capabilities and ease of use. It typically spreads by way of phishing campaigns, faux adverts, and impersonation of trusted manufacturers like Reserving.com and Microsoft itself.
