A collaborative international operation has significantly disrupted the Lumma malware-as-a-service (MaaS) scheme, taking control of around 2,300 domains used by cybercriminals.
The coordinated effort, led by Microsoft and supported by agencies such as the DOJ, Europol, and Japan's JC3, also shut down Lumma's control panel and seized parts of its global infrastructure.
Lumma, active since late 2022, is a powerful info-stealer targeting Windows and macOS, capable of extracting credentials, financial data, and browser information, which are later sold or used in further attacks.
Microsoft reported nearly 400,000 infected systems worldwide in just two months. Cloudflare and other tech firms also participated, implementing new defenses after Lumma malware bypassed existing warning systems.
The FBI and CISA have since released detailed advisories to help organizations detect and prevent further infections.