Microsoft Sues Infostealer Group Behind Lumma Malware

Microsoft says a US court has authorized it to take down roughly 2,300 domains central to Lumma Stealer's operations

Microsoft has announced legal action against the operators of the Lumma Stealer information-stealing malware and has blocked thousands of domains associated with the malware.

In a blog post published on May 21, Microsoft disclosed that a federal court in Georgia had authorized the company's Digital Crimes Unit to seize, block, or take down nearly 2,300 malicious domains that formed the backbone of Lumma's infrastructure.

Microsoft also worked with domestic and international law enforcement agencies to dismantle the malware's infrastructure.

According to the company, the US Department of Justice seized Lumma’s central command structure, and marketplaces where the tool was sold to other cybercriminals were disrupted.

According to Microsoft, Lumma has been sold through underground forums since 2022, and it has undergone numerous enhancements since its introduction.

Domains seized by Microsoft. Source: Microsoft Blog

Europol's European Cybercrime Centre (EC3) and Japan's Cybercrime Control Center (JC3) also helped suspend Lumma infrastructure hosted in their regions.

Lumma is an infostealer that lets attackers harvest sensitive data from infected machines, including passwords, credit card numbers, bank account details, and cryptocurrency wallet credentials.

Microsoft reported identifying more than 394,000 Windows computers infected by the Lumma malware between March 16 and May 16. The company collaborated with law enforcement agencies and cybersecurity firms to disrupt communication between the tool and the infected devices.

Increase in Malicious Behavior

Crypto drainers are software specifically intended to steal the contents of crypto wallets. They are frequently found on phishing sites, malicious extensions, and fake airdrops.

Earlier this week, Chinese printer manufacturer Procolored was reported to have shipped Bitcoin-stealing malware alongside its official drivers, resulting in losses of approximately $953,000 in cryptocurrency.

AMLBot reported last month that crypto drainers are now being sold as SaaS products, enabling unsophisticated bad actors to rent the service for as little as $100.

According to a report released on February 7 by blockchain analytics firm Chainalysis, illicit activity accounted for nearly $51 billion in cryptocurrency in 2024. The report also noted that professional crime networks, fraud cartels, state-sponsored hackers, and AI-powered schemes have taken on a prominent role.

According to the FBI's cyber division, Americans lost an estimated $9.3 billion to crypto-related scams and fraud in 2024, with people over the age of 60 the hardest hit.

Meanwhile, North Korean hackers stole nearly $3 billion in cryptocurrency between 2017 and 2023, and crypto firm Paradigm has reported that their operations have grown increasingly sophisticated.
