Microsoft Disrupts Lumma Malware Infecting 390,000 Windows PCs Globally

Microsoft's Digital Crimes Unit has uncovered and helped dismantle the Lumma Stealer malware operation, which infected over 390,000 Windows computers globally within two months. Lumma, a malware-as-a-service developed by the group Storm-2477, steals sensitive information from browsers, cryptocurrency wallets, and other applications. The malware spreads through phishing, malvertising, drive-by downloads, trojanized apps, and fake CAPTCHAs, with malicious campaigns impersonating legitimate software updates to trick users. The U.S. Department of Justice, supported by Microsoft and global partners including Europol, seized domains forming the malware's command infrastructure, effectively disrupting its operation. Microsoft also highlighted that its Defender antivirus can now detect Lumma, enhancing protection against this threat. This coordinated effort underscores the importance of multi-layered defenses and industry collaboration to counter evolving cybercrime threats.