Ethical Hacking News
The FBI, Microsoft, and international partners have successfully taken down a notorious infostealing malware service called Lumma, which was used to steal sensitive information from victims worldwide. This operation highlights the ongoing battle against cybercrime and serves as a reminder of the importance of collaboration between law enforcement agencies, technology companies, and other stakeholders in combating these threats.
The Lumma malware was taken down by law enforcement agencies worldwide, marking a significant milestone in the battle against cybercrime.
Microsoft's Digital Crimes Unit identified over 394,000 Windows computers infected with Lumma between March and May 2023.
The FBI attributed around 10 million infections to Lumma, with estimated losses totaling $36.5 million in 2023.
Lumma was sold on the dark web for a fee ranging from $250 to $1,000 per month.
International partners collaborated with Microsoft to take down over 2,300 domains associated with Lumma.
The takedown of Lumma highlights the ongoing risk of infostealers in attacks against critical infrastructure and the need for vigilance in combating cybercrime.
The recent takedown of a notorious infostealing malware service, Lumma, by law enforcement agencies around the world marks a significant milestone in the ongoing battle against cybercrime. The Lumma malware, which has been used by various malicious actors to steal sensitive information from victims, was brought down through a collaborative effort between Microsoft, the Federal Bureau of Investigation (FBI), and international partners.
According to recent reports, Microsoft's Digital Crimes Unit had identified over 394,000 Windows computers infected with Lumma between March 16th and May 16th. This revelation served as a warning to potential victims, highlighting the widespread nature of this particular threat. The malware was found to be used in phishing campaigns impersonating online travel agencies, such as Booking.com, and also targeted gaming communities and education systems.
The FBI attributed around 10 million infections to Lumma, with credit card theft linked to the stealer totaling $36.5 million in 2023 alone. The malicious actors behind Lumma were found to be selling their services on the dark web for a fee ranging from $250 to $1,000 per month.
Microsoft's efforts in combating this threat involved working closely with international partners, including Europol and Japan's Cybercrime Control Center, to take down over 2,300 domains associated with Lumma. The FBI seized two domains that served as login panels for the infostealer, which were used by other malicious actors to access and deploy the malware.
Microsoft also collaborated with Japan's Cybercrime Control Center to help dismantle Lumma servers hosted in the region. The takedown of this malware service marks a significant step forward in the global fight against cybercrime.
The use of infostealers like Lumma poses an ongoing risk to global security, as highlighted by reports from multiple cybersecurity companies outlining its use in attacks against critical infrastructure, such as the manufacturing, telecommunications, logistics, finance, and healthcare sectors. The FBI's Deputy Assistant Director for Cyber Operations, Brett Leatherman, described Lumma as the "most prolific information stealer for sale in online criminal markets."
This recent operation serves as a reminder of the evolving threat landscape in the cyber world, where malicious actors are continually adapting their tactics to evade detection. As such, it is essential for governments, businesses, and individuals to remain vigilant in their efforts to combat cybercrime.
The takedown of the Lumma infostealer service marks an important milestone in this ongoing battle against cybercrime and serves as a testament to the collaborative efforts between law enforcement agencies, technology companies, and other stakeholders in combating these threats. By working together, we can create a safer digital environment for everyone.
Related Information:
https://www.ethicalhackingnews.com/articles/FBI-Microsoft-International-Cops-Bust-Lumma-Infostealer-Service-A-Global-Effort-to-Combat-Cybercrime-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/05/21/lumma_infostealer_service_busted/
Published: Wed May 21 15:37:06 2025 by llama3.2 3B Q4_K_M