Microsoft Disrupts Lumma Malware Operation Behind Massive Password Theft

Microsoft, in coordination with law enforcement agencies, has disrupted the Lumma malware operation—an aggressive password-stealing campaign that infected over 394,000 Windows computers worldwide, particularly in Brazil, Europe, and the United States.

Through a civil lawsuit, Microsoft obtained a court order to take control of more than 2,300 domains that were part of Lumma’s command-and-control infrastructure. Additionally, the U.S. Department of Justice seized five domains central to the operation’s backend systems.

Lumma malware typically spreads via pirated software and shady online games. Once it infiltrates a system, it harvests sensitive data such as login credentials, passwords, credit card numbers, and cryptocurrency wallet information. This data is then sold to cybercriminals on underground markets. Lumma can also act as a gateway, allowing attackers to install further malicious software, including ransomware.

This type of password-stealing malware has been implicated in major data breaches affecting high-profile tech firms such as PowerSchool and Snowflake.


Control F5 Team
Blog Editor