Microsoft and regulation enforcement have introduced a court-authorized takedown of Lumma, a prolific info-stealer malware operation discovered on greater than 394,000 Home windows PCs globally, largely in Brazil, Europe, and america.
The tech large took civil motion to ask a federal courtroom to grab 2,300 domains that served because the malware’s community of command and management servers. The Justice Division additionally seized 5 domains used to function the Lumma infrastructure.
The Lumma password stealer may be present in dodgy video games or cracked apps downloaded from the web. As soon as contaminated, the malware steals logins, passwords, bank cards, and cryptocurrency wallets from the sufferer’s laptop, that are offered to different cybercriminals. Lumma additionally serves as a backdoor for hackers who need to drop further malware, like ransomware.
Password-stealing malware like Lumma have been linked to cyberattacks used to steal big quantities of knowledge from tech firms, like PowerSchool and Snowflake.
