Microsoft Says 394,000 Windows Computers Infected By Lumma Malware Globally (cnbc.com)
(Wednesday May 21, 2025 @05:20PM (BeauHD)
from the cease-and-desist dept.)
- Reference: 0177679783
- News link: https://it.slashdot.org/story/25/05/21/1954240/microsoft-says-394000-windows-computers-infected-by-lumma-malware-globally
- Source link: https://www.cnbc.com/2025/05/21/microsoft-malware-windows.html
An anonymous reader quotes a report from CNBC:
> Microsoft said Wednesday that it broke down the Lumma Stealer malware project with the help of law enforcement officials across the globe. The tech giant said in a blog post that its digital crimes unit [1]discovered more than 394,000 Windows computers were infected by the Lumma malware worldwide between March 16 through May 16. The Lumma malware was a favorite hacking tool used by bad actors, Microsoft said in the post. Hackers used the malware to steal passwords, credit cards, bank accounts and cryptocurrency wallets.
>
> Microsoft said its digital crimes unit was able to dismantle the web domains underpinning Lumma's infrastructure with the help of a court order from the U.S. District Court for the Northern District of Georgia. The U.S. Department of Justice then took control of Lumma's "central command structure" and squashed the online marketplaces where bad actors purchased the malware. The cybercrime control center of Japan "facilitated the suspension of locally based Lumma infrastructure," the blog post said.
"Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims," Microsoft said in the post. "Moreover, more than 1,300 domains seized by or transferred to Microsoft, including 300 domains actioned by law enforcement with the support of Europol, will be redirected to Microsoft sinkholes." Cloudflare, Bitsight and Lumen also helped break down the Lumma malware ecosystem.
[1] https://www.cnbc.com/2025/05/21/microsoft-malware-windows.html
> Microsoft said Wednesday that it broke down the Lumma Stealer malware project with the help of law enforcement officials across the globe. The tech giant said in a blog post that its digital crimes unit [1]discovered more than 394,000 Windows computers were infected by the Lumma malware worldwide between March 16 through May 16. The Lumma malware was a favorite hacking tool used by bad actors, Microsoft said in the post. Hackers used the malware to steal passwords, credit cards, bank accounts and cryptocurrency wallets.
>
> Microsoft said its digital crimes unit was able to dismantle the web domains underpinning Lumma's infrastructure with the help of a court order from the U.S. District Court for the Northern District of Georgia. The U.S. Department of Justice then took control of Lumma's "central command structure" and squashed the online marketplaces where bad actors purchased the malware. The cybercrime control center of Japan "facilitated the suspension of locally based Lumma infrastructure," the blog post said.
"Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims," Microsoft said in the post. "Moreover, more than 1,300 domains seized by or transferred to Microsoft, including 300 domains actioned by law enforcement with the support of Europol, will be redirected to Microsoft sinkholes." Cloudflare, Bitsight and Lumen also helped break down the Lumma malware ecosystem.
[1] https://www.cnbc.com/2025/05/21/microsoft-malware-windows.html
Maybe if MS products were not insecure crap.. (Score:2)
by gweihir ( 88907 )
We would not have that problem. But as an IT security expert, my impression is it is now harder to use Windows securely than Linux.
Re: (Score:2)
by MightyMartian ( 840721 )
My last experience with Windows 11 informs me that it's just plain hard to use Windows at all, securely or otherwise. We've been using Debian with Gnome with some public-facing computers, and there have literally no issues at all.
Need to close the Win+R trick (Score:2)
by xack ( 5304745 )
Don't allow copy and paste of unverified commands into the run box.
Re: (Score:2)
by Lanforod ( 1344011 )
explain 'how' you suggest they do this? close that hole, the next version is going to have the user open cmd, wt or Powershell and do the same thing... The list of cmdlets that can pull something off a remtoe server is pretty long.
Can I Has Sinkhole? (Score:1)
by zenlessyank ( 748553 )
Me use it good. Me promise.
Meanwhile, back in Redmond (Score:2)
Meanwhile, back in Redmond, Microsoft continues its plan to force install Microsoft Recall on all Windows machines.
Re: (Score:2)
Indeed. Fortunately that will be quite illegal in the EU. I guess the EU will get a special version and the US users will just have to swallow that frog.