Microsoft has successfully taken down a notorious malware operation called Lumma, which was found on over 394,000 Windows PCs worldwide, primarily in Brazil, Europe, and the US. The tech giant, in collaboration with law enforcement, took civil action to seize over 2,300 domains used by the malware’s command-and-control servers.
The Lumma password stealer can be found in pirated games or cracked apps, and once a machine is infected, it steals sensitive data such as logins, passwords, credit cards, and cryptocurrency wallets. This stolen information is then sold to other cybercriminals, making Lumma a hub for hackers to distribute ransomware and other malicious software.
Law enforcement has linked the Lumma malware operation to several high-profile cyberattacks that targeted major tech companies like PowerSchool and Snowflake, highlighting its role in compromising sensitive data. With the takedown of this malicious network, Microsoft aims to disrupt the activities of cybercriminals worldwide.
Source: https://techcrunch.com/2025/05/22/microsoft-says-lumma-password-stealer-malware-found-on-394000-windows-pcs