A global law enforcement and private sector operation has dismantled the infrastructure of the LummaC stealer, seizing thousands of domains used for command-and-control. This takedown disrupts malware that has stolen millions of login credentials and cryptocurrency data from infected Windows systems worldwide. #LummaC2 #CyberCrimeInfrastructure
Key points
- The Lumma Stealer malware has been responsible for over 1.7 million theft incidents globally since late 2022.
- Law enforcement agencies seized about 2,300 domains forming Lumma’s command-and-control infrastructure, cutting off its communication channels.
- The malware operates as a malware-as-a-service, with tiered subscription plans marketing different levels of stealth and customization.
- The developers of Lumma are based in Russia and utilize platforms like Telegram for distributing their services and updates.
- The Lumma operation relied on sophisticated obfuscation and resilient distribution methods, including cloud services and hijacked ad networks, to evade detection.
Read More: https://thehackernews.com/2025/05/fbi-and-europol-disrupt-lumma-stealer.html