Lumma Stealer’s Downfall: How Law Enforcement and Microsoft Crushed a Cybercrime Empire

Microsoft found 394,000 Windows systems infected by Lumma Stealer, a Malware-as-a-Service (MaaS). Thanks to a US court order, Europol, and Japan’s JC3, the cybercriminal operation behind it was dismantled. With domains seized and control panels taken down, Lumma Stealer’s infrastructure took a major hit.

3P
Published: May 22, 2025 9:55 amAdded: May 22, 2025 at 3:12 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Well, it seems like Lumma Stealer’s criminal empire has finally seen its sunset. Who knew that being a cyber crook could end with your servers getting seized faster than you can say “Ctrl+Alt+Delete”? With a US court order, Europol, and Japan’s JC3 all teaming up, it’s like the Avengers of cybersecurity came together to give Lumma the boot. This is one malware operation that won’t be phishin’ around anymore!

Key Points:

  • Law enforcement dismantled Lumma Stealer’s infrastructure, seizing 2,300 domains.
  • Over 394,000 Windows systems were affected, including global manufacturers.
  • Lumma Stealer was a Malware-as-a-Service, targeting sensitive information.
  • Microsoft tracked the malware’s spread and identified threat actor Storm-2477.
  • The operation used a complex C2 infrastructure with encrypted communications.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?