Particle.news

Global Coalition Dismantles Lumma Malware Infrastructure

Authorities seize over 2,300 domains and disrupt operations of Russian-developed malware used in widespread cybercrime.

[Photo: A Microsoft logo at Microsoft offices in Issy-les-Moulineaux near Paris, France, March 21, 2025. REUTERS/Gonzalo Fuentes/File Photo]

[Image: Digital map of parts of Europe, Asia, and Africa with regions highlighted in blue and red.]

Overview

  • Microsoft's Digital Crimes Unit, with global law enforcement and tech partners, seized 2,300 domains and disrupted Lumma's command-and-control servers.
  • The operation severed links between Lumma malware and over 394,000 infected Windows machines globally, preventing further exploitation.
  • Lumma, marketed as malware-as-a-service by a Russian developer known as 'Shamel,' has been used to steal credentials, financial data, and cryptocurrency wallets.
  • The malware was distributed through phishing, malvertising, and fake AI tools, enabling cybercriminals to target sectors including healthcare, education, and critical infrastructure.
  • Despite the takedown, experts warn that Lumma could resurface, since its subscription model adapts easily to new infrastructure and its developers operate from a safe haven in Russia.