{"id":123452,"date":"2025-05-22T20:38:08","date_gmt":"2025-05-22T20:38:08","guid":{"rendered":"https:\/\/www.europesays.com\/uk\/123452\/"},"modified":"2025-05-22T20:38:08","modified_gmt":"2025-05-22T20:38:08","slug":"microsoft-says-lumma-password-stealer-malware-found-on-394000-windows-pcs","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/uk\/123452\/","title":{"rendered":"Microsoft says Lumma password stealer malware found on 394,000 Windows PCs"},"content":{"rendered":"<p id=\"speakable-summary\" class=\"wp-block-paragraph\">Microsoft and law enforcement have <a href=\"https:\/\/blogs.microsoft.com\/on-the-issues\/2025\/05\/21\/microsoft-leads-global-action-against-favored-cybercrime-tool\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">announced<\/a> a court-authorized takedown of Lumma, a prolific <a href=\"https:\/\/techcrunch.com\/2025\/04\/25\/techcrunch-reference-guide-to-security-terminology\/#infostealers\" target=\"_blank\" rel=\"noreferrer noopener\">info-stealer malware<\/a> operation found on more than 394,000 Windows PCs globally, mostly in Brazil, Europe, and the United States.<\/p>\n<p class=\"wp-block-paragraph\">The tech giant took civil action to ask a federal court to seize 2,300 domains that served as the malware\u2019s network of <a href=\"https:\/\/techcrunch.com\/2025\/04\/25\/techcrunch-reference-guide-to-security-terminology\/#command-and-control-c2\" target=\"_blank\" rel=\"noreferrer noopener\">command and control<\/a> servers. The Justice Department also <a href=\"https:\/\/www.justice.gov\/opa\/pr\/justice-department-seizes-domains-behind-major-information-stealing-malware-operation\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">seized five domains<\/a> used to operate the Lumma infrastructure.<\/p>\n<p class=\"wp-block-paragraph\">The Lumma password stealer can be <a href=\"https:\/\/techcrunch.com\/2025\/03\/21\/valve-removes-video-game-demo-suspected-of-being-malware\/\" target=\"_blank\" rel=\"noreferrer noopener\">found in dodgy games<\/a> or cracked apps downloaded from the internet. Once infected, the malware steals logins, passwords, credit cards, and cryptocurrency wallets from the victim\u2019s computer, which are sold to other cybercriminals. Lumma also serves as a backdoor for hackers who want to drop additional malware, like ransomware.<\/p>\n<p class=\"wp-block-paragraph\">Password-stealing malware like Lumma have been linked to cyberattacks used to steal huge amounts of data from tech companies, like <a href=\"https:\/\/techcrunch.com\/2025\/01\/17\/malware-stole-internal-powerschool-passwords-from-engineers-hacked-computer\/\" target=\"_blank\" rel=\"noreferrer noopener\">PowerSchool<\/a> and <a href=\"https:\/\/techcrunch.com\/2024\/06\/05\/snowflake-customer-passwords-found-online-infostealing-malware\/\" target=\"_blank\" rel=\"noreferrer noopener\">Snowflake<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"Microsoft and law enforcement have announced a court-authorized takedown of Lumma, a prolific info-stealer malware operation found on&hellip;\n","protected":false},"author":2,"featured_media":123453,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[51,54885,3457,2902,22177,13510,507,16,15],"class_list":{"0":"post-123452","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"tag-business","9":"tag-cyberattack","10":"tag-cybersecurity","11":"tag-in-brief","12":"tag-justice-department","13":"tag-malware","14":"tag-microsoft","15":"tag-uk","16":"tag-united-kingdom"},"share_on_mastodon":{"url":"https:\/\/pubeurope.com\/@uk\/114553416161290269","error":""},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/123452","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/comments?post=123452"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/posts\/123452\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media\/123453"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/media?parent=123452"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/categories?post=123452"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/uk\/wp-json\/wp\/v2\/tags?post=123452"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}