Microsoft Targets Rapidly Rising Malware: Lumma Stealer Explained

Microsoft has announced that its Digital Crimes Unit (DCU) recently filed a legal case against Lumma Stealer.

It is a notorious malware strain that has infected nearly 400,000 Windows systems around the world in just the past two months.

Lumma Stealer is an advanced piece of malware engineered to extract sensitive information from a range of sources. According to Microsoft, it can access data from web browsers, cryptocurrency wallets, and other commonly used applications. In addition to data theft, the malware is also capable of deploying further malicious software on infected systems.

The legal complaint was filed last week in the U.S. District Court of the Northern District of Georgia, empowering Microsoft to take immediate action against the infrastructure supporting the malware.

The company confirmed that its DCU was instrumental in the “takedown, suspension, and blocking of malicious domains that formed the backbone of Lumma’s infrastructure.”

In parallel efforts, the U.S. Department of Justice (DoJ) reported the seizure of five internet domains that were central to the operation of the LummaC2 malware service. Additionally, these domains were reportedly used by cybercriminals to distribute and manage the malware. The FBI’s Dallas Field Office is currently leading the investigation into the case.

Microsoft emphasized that Lumma Stealer represents more than just a single threat. Moreover, it reflects a broader trend in the evolution of cybercrime. In a separate blog post, the company warned:

“The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscores the need for layered defenses and industry collaboration to counter threats.”

Cybercriminals are using increasingly sophisticated tools. Microsoft’s actions highlight the need for cross-industry cooperation, strong legal frameworks, and layered cybersecurity defenses to protect users and systems globally.