Microsoft has warned people about a malware which is very dangerous. Microsoft has launched a major cyber security campaign and destroyed the network of the dangerous Lumma Stealer malware. This malware had infected more than 394,000 Windows computers worldwide. Microsoft said in a blog post that the highest activity of this malware was seen between March 16 and May 16, 2025.
What is Lumma Stealer : - Lumma Stealer is an info-stealing malware working on a "Malware-as-a-Service" (MaaS) model. Cybercriminals can easily buy it online and it is very easy to spread. Traditional antivirus and security defenses are unable to catch it, making it a favorite tool for cyber attackers.
It is usually used through spear-phishing emails, fake advertisements and fake applications. This malware presents itself as trusted brands like Microsoft to deceive the user.
What does it steal : - Lumma Stealer specifically targets web browsers such as Google Chrome, Mozilla Firefox and Microsoft Edge. It steals sensitive information from the user's computer such as cryptocurrency wallets, credit/debit card information, bank account details, saved passwords, browsing history. This malware first appeared in 2022 and has since been used in many cases such as ransomware attacks, school system breaches and thefts from financial institutions.
Microsoft's operation : - Microsoft's Digital Crimes Unit (DCU) conducted a global operation in collaboration with several international agencies including the US Department of Justice (DOJ), Europol and Japan's Cybercrime Control Agency (JC3). More than 2300 domains were seized that were operating the online activities of Lumma Stealer. The US Department of Justice also seized the command and control server (C2 infrastructure) of this malware. Apart from this, those dark web marketplaces were also closed where this malware was being sold.
Why is Lumma Stealer so dangerous : - According to Microsoft, Lumma Stealer is one of the most dangerous and widely used info-stealing tools in today's time. Its purpose is not just to steal data, but to commit large-scale fraud, financial loss and cyber crime.
Read more : -
0 Comments