Feds and Microsoft crush Lumma Stealer that stole millions of passwords

2,300 domains neutralized, command infrastructure seized: As part of the legal action filed in the US District Court for the Northern District of Georgia, Microsoft secured authorization to seize and disrupt a core component of Lumma’s ecosystem: its domain infrastructure. These domains acted as communication nodes between infected devices and the malware’s operators. According to the DOJ press release, its unsealed warrants targeted five critical domains, referred to as “user panels,” used by Lumma administrators and affiliates to deploy malware and manage stolen data. On May 19 and 20, federal agents successfully seized all five. Following the takedown, visitors to the seized sites now see a DOJ seizure notice, effectively shutting down access to Lumma’s control interfaces.

Criminal innovation: Lumma’s rise and reach: The creator of Lumma, known online as “Shamel,” operates from Russia and has marketed the malware through Telegram and other Russian-language forums. Shamel branded the malware with a bird logo and the tagline: “making money with us is just as easy.” A November 2023 interview with a researcher known as “g0njxa” revealed that Lumma had “about 400 active clients,” highlighting the professionalization of cybercrime, where tools like Lumma mimic software-as-a-service models with tiered pricing and affiliate support.

Looking ahead: Heightened vigilance needed: Despite the takedown, experts caution that Lumma and similar malware-as-a-service operations could resurface under new names or reconstituted infrastructure. The operation underscores the persistent threat posed by cybercriminals operating from jurisdictions that provide a safe haven or lack strong enforcement mechanisms. “This action makes it harder, and more painful, for cybercriminals to operate,” Bryan Vorndran, assistant director of the FBI’s cyber division, said in the press release. While the disruption is a major win, the threat landscape remains volatile. As attackers adapt, the global cybersecurity community must maintain its vigilance and deepen cross-sector collaboration to defend against an ever-evolving enemy.

First seen on csoonline.com

Jump to article: www.csoonline.com/article/3993289/feds-and-microsoft-crush-lumma-stealer-that-stole-millions-of-passwords.html
