Source URL: https://it.slashdot.org/story/25/05/21/1954240/microsoft-says-394000-windows-computers-infected-by-lumma-malware-globally
Source: Slashdot
Title: Microsoft Says 394,000 Windows Computers Infected By Lumma Malware Globally
Summary: Microsoft has successfully taken down the Lumma Stealer malware, which infected over 394,000 Windows computers globally. The operation involved collaboration with law enforcement and resulted in the seizure of numerous domains related to the malware, effectively disrupting its infrastructure.
Detailed Description: The recent actions taken by Microsoft against the Lumma Stealer malware highlight significant issues in information security and the collaborative efforts necessary to combat cybercrime. This case reflects not only the dangers posed by malware but also the effective measures that can be employed to mitigate these threats.
– Microsoft disclosed that between March 16 and May 16, over 394,000 computers were infected by Lumma malware, which is known for stealing sensitive information such as passwords, credit cards, and cryptocurrency wallets.
– The dismantling of the Lumma infrastructure involved:
  – Cooperation with law enforcement globally, including a court order from the U.S. District Court for the Northern District of Georgia.
  – The U.S. Department of Justice taking control of Lumma’s central command structure.
  – The involvement of international agencies, such as Europol, which facilitated action against approximately 300 domains.
  – Local support from the cybercrime control center in Japan, highlighting an international collaborative approach.
– The operational strategy taken by Microsoft included:
  – Severing communications between the Lumma malware and its victims, a vital step in curbing ongoing exploitation.
  – Redirecting more than 1,300 seized domains to Microsoft sinkholes, preventing further malicious activity and better protecting potential victims.
This initiative is a reminder of the need for vigilant cybersecurity practices, and it demonstrates the collective power of industry and law enforcement partnerships in combating sophisticated cyber threats. Security professionals should take note of these collaborative approaches and what they imply for improving defenses against malware and similar threats in their environments.