Tech giant Microsoft has taken sweeping legal action to neutralize “Lumma Stealer,” a powerful malware tool that has silently siphoned sensitive data from hundreds of thousands of computers worldwide.
In a blog post published May 21, Microsoft revealed it secured a federal court order in Georgia granting its Digital Crimes Unit (DCU) the authority to dismantle the malware’s digital infrastructure. The ruling enabled Microsoft to remove, block, or suspend nearly 2,300 websites linked to Lumma’s operations.
The company confirmed its efforts were coordinated with law enforcement agencies across multiple jurisdictions, including the U.S. Department of Justice, Europol’s European Cybercrime Centre, and Japan’s Cybercrime Control Centre. Central servers controlling Lumma’s activity and the underground marketplaces where the tool was distributed have also been seized or shut down.
Lumma Stealer, active since 2022, has evolved through several versions and is known to be sold on underground forums. It allows attackers to extract a wide range of sensitive data, including passwords, financial information, and crypto wallet credentials, from infected devices.
According to Microsoft, between March 16 and May 16 alone, the malware had infiltrated more than 394,000 Windows systems. The company, working alongside cybersecurity firms and global law enforcement, severed communications between these compromised devices and Lumma’s command centres.
This takedown comes at a time of heightened concern over digital threats. Cybercriminals are increasingly deploying crypto drainers—malicious software designed to empty victims’ digital wallets—via phishing sites, fake browser extensions, counterfeit airdrops, and more.
According to a new report from Google Threat Intelligence, just days ago, a Russian-backed cyber-espionage group, COLDRIVER, ramped up its tactics by deploying a new malware strain known as LOSTKEYS, targeting high-profile Western individuals and organizations.
Meanwhile, cybersecurity experts sounded the alarm on a new malware campaign targeting users of popular crypto wallets like Atomic and Exodus, with Ethereum, XRP, and Solana assets in the crosshairs.