In a major cybersecurity operation, global authorities joined forces with Microsoft to disrupt the Lumma Stealer malware network. This infostealer had compromised over 394,000 Windows computers worldwide between March and May 2025. The collaboration underscores the critical importance of cross-border coordination in tackling cybercrime.
What is Lumma Stealer?
Lumma Stealer, also referred to as LummaC2, is a Malware-as-a-Service (MaaS) platform designed to steal sensitive information from infected computers. Developed by a cybercriminal named “Shamel,” it targets passwords, banking details, credit card information, and cryptocurrency wallets. Its ease of deployment and stealth capabilities made it a widely adopted tool in cybercriminal networks.
Legal Measures and Domain Takedown
Microsoft’s Digital Crimes Unit (DCU) filed legal proceedings in the U.S. District Court for the Northern District of Georgia, leading to the seizure of approximately 2,300 domains associated with Lumma Stealer. Over 1,300 of these domains were redirected to Microsoft-controlled sinkhole servers, enabling monitoring of malware activity and collection of critical threat intelligence.
DOJ Intervention
The U.S. Department of Justice (DOJ) seized the command-and-control infrastructure of Lumma Stealer, disrupting the malware’s operational capabilities. Additionally, the DOJ targeted online marketplaces where the malware was sold, cutting off its financial support and limiting further infections.
Europol’s Global Coordination
Europol’s European Cybercrime Centre played a vital role by coordinating efforts across multiple jurisdictions. Its support ensured that the takedown was executed simultaneously in different countries, reducing the risk of the operators migrating infrastructure elsewhere and strengthening the overall impact of the operation.
Infection Methods
Lumma Stealer primarily spread through phishing emails, malicious software downloads, and fake software updates. Once installed, it harvested data from browsers, files, and cryptocurrency wallets while remaining undetected. This stealthy behavior made it challenging for organizations and individual users to defend against the malware without coordinated intervention.
Global Impact
The malware affected both enterprises and individuals. Victims suffered identity theft, financial fraud, and unauthorized access to confidential information. Organizations experienced breaches of customer and internal data. The takedown significantly reduces the threat posed by Lumma Stealer and demonstrates the effectiveness of international cooperation in cybersecurity.
Microsoft’s Cybersecurity Initiatives
This operation highlights Microsoft’s commitment to digital safety. By combining legal authority, technological measures, and partnerships with global authorities, Microsoft successfully neutralized one of the most significant infostealer campaigns in recent years. It emphasizes the importance of proactive collaboration between private and public sectors.
Key Takeaways
- Lumma Stealer compromised over 394,000 computers globally.
- Operation executed by Microsoft DCU in collaboration with DOJ and Europol.
- 2,300 malicious domains seized; 1,300 redirected to sinkhole servers.
- Malware targeted sensitive information including passwords and crypto wallets.
- International coordination is critical in combating complex cyber threats.
Read Full Article: https://bizinfopro.com/news/it-news/microsoft-and-global-authorities-dismantle-lumma-stealer-malware-network-2/