Hundreds of thousands of computers with Windows were recently infected by malware as a service known as Lumma Stealer, Microsoft announced on Wednesday and added that it cut communications between malware and victims worldwide.
Key data
According to the company, more than 394,000 Windows computers worldwide were infected by Lumma between March 16 and May 16.
Microsoft cut the communications between malware and its victims, in addition to confiscating more than 1,300 domains used by malware.
Three hundred domains will be redirected to Microsoft sinks: controlled domains used to capture and evaluate malicious traffic.
Microsoft said that it had “taken possession and facilitated the elimination, suspension and blockade” of malicious domains that served as a core of the Lumma operation, and pointed out that the Department of Justice had also taken possession of the “central command structure” of Lumma and interrupted the markets in which it is sold.
What is Lumma?
Lumma is a Russian malware as a service that is sold in clandestine forums to hackers who usually use it, supplanting the identity of trusted brands, to monetize stolen information or exploit their victims.
Lee: Microsoft announces that it will fire about 6,000 employees
Lumma has been used to steal passwords, bank information and cryptocurrency purses, allowing hackers to demand a ransom or interrupt the activity of their accounts.
Malware recently identified in a hacking campaign that used Phishing attacks by supplanting the identity of the Booking.com online travel agency. In general, Lumma has been used to attack communities of video games and sectors such as health, telecommunications, finance, manufacturing and logistics.
What we don’t know
In which part of the world the attacks of Lumma originated specifically between March 16 and May 16. Microsoft also did not specify whether the computers belonged to individuals or companies or what sectors, if there were, they were affected by the attacks.
Large number
About 400. That is the number of active customers that the Lumma developer, known as “Shamel,” said they have in 2023.
Key history
CyberATeques increased significantly in 2025, according to a study by the CECK Point computer software firm, which reported that the global education sector recorded the greatest number of attacks in the first quarter of this year (4484 weekly attacks).
Lee: Microsoft increases Xbox prices: games reach $ 80 and console prices rise more than 20%
New technologies, such as generative artificial intelligence, are helping cybercriminals to carry out increasingly sophisticated attacks, according to the World Economic Forum in its report on global cybersecurity by 2025, which highlights a marked increase in phishing and social engineering attacks last year.
The forum identified the vulnerabilities of the supply chain as the main cyber risk, pointing out that the greater complexity of modern supply chains and the lack of supervision of cybersecurity capacities of suppliers have generated a greater risk for companies.
This article was originally published by Forbes US
Little text and great information in our X (formerly Twitter), follow us!
