Microsoft: Over 394,000 Windows computers globally infected by Lumma malware between March 16 and May 16; blog severed communications between Lumma tool and users
Ainvest, Wednesday, May 21, 2025 12:19 pm ET

Microsoft Corp. has taken significant strides in its ongoing battle against cybercrime by seizing approximately 2,300 malicious domains linked to the notorious Lumma malware. This action, part of a global cyber-dragnet, aims to disrupt the technical infrastructure that supports the malware's operations. The Lumma tool, available on Russian-speaking dark net markets since 2022, has been used by cybercriminals to steal passwords, launch ransomware attacks, and nab cryptocurrency.
The company's Digital Crimes Unit, working in collaboration with law enforcement agencies such as Europol, the US Justice Department, and Japan’s Cybercrime Control Center, has identified nearly 400,000 Windows computers globally that were infected with Lumma between March 16 and May 16. According to Steven Masada, General Counsel of Microsoft's Digital Crimes Unit, the goal of this operation is to stop hackers from using Lumma to impersonate legitimate brands and boost their own credibility.
Microsoft has also disrupted the markets where Lumma was sold, while Europol and Japanese authorities have taken similar actions. One notable instance of Lumma's use was in a campaign that impersonated CrowdStrike Holdings Inc. domains, tricking victims into downloading malware disguised as a recovery tool. This is part of a broader trend in law enforcement actions to target dark web services, including the takedown of over 30 websites that offered distributed denial-of-service attack services in April.
The disruption of Lumma is a significant step in Microsoft's ongoing efforts to combat the surge in ransomware attacks, which have increased by 300% in the last decade. The company’s actions underscore the importance of international cooperation and technological innovation in the fight against cybercrime.
