What is Lumma Stealer, the malware Microsoft says infected more than 394,000 Windows PCs worldwide?

Microsoft, on May 21, announced that it conducted a major takedown operation against Lumma Stealer, a malware designed to steal sensitive information from popular web browsers like Google Chrome, Mozilla Firefox and Microsoft Edge. In a blog post, Microsoft said that between March 16 and May 16, 2025, it identified more than 394,000 Windows PCs infected by the Lumma malware.
What is Lumma Stealer?
Lumma Stealer operates as “Malware-as-a-Service”. It is easy to distribute and difficult for traditional security defences to detect, making it a preferred tool for cybercriminals and threat actors to steal data. Often deployed via spear-phishing emails and malvertising, the malware impersonates trusted brands like Microsoft.
In November last year, threat actors were spotted using fake AI video tools like EditPro laced with Lumma Stealer to infect Windows PCs and send data back to the hacker. Earlier this year, Microsoft identified a phishing campaign that impersonated the popular online travel agency Booking.com, where multiple info-stealing malware families, including Lumma Stealer, were used to conduct financial theft and fraud.
The info-stealing malware, which affects popular browsers like Google Chrome, Microsoft Edge and Mozilla Firefox, is designed to steal information like cryptocurrency wallets, credit card details, bank account information and passwords.
First discovered in 2022, Lumma Stealer is also associated with ransomware attacks and school security system breaches, and has even been used to steal information or money from financial institutions.
The takedown operation, conducted by Microsoft’s Digital Crimes Unit in coordination with numerous law enforcement agencies across the world like the U.S. Department of Justice, Europol and Japan’s Cybercrime Control Centre (JC3), has already seized more than 2,300 domains that acted as the backbone of Lumma’s infrastructure. The U.S. Department of Justice has announced that it seized the central command structure for Lumma and disrupted the underground marketplaces where the malware was being sold.
For those wondering, Microsoft says Lumma Stealer is one of the “leading tools” used by cybercriminals around the world to steal information and money on a large scale.
© IE Online Media Services Pvt Ltd