- The DoJ announced the seizure of several domains used by Lumma Stealer
- The infostealer is linked to some of the largest cyber attacks in recent times
- The malware has caused millions of dollars in damage
The United States Department of Justice (DoJ), together with the FBI and Microsoft, has disrupted the operations of Lumma Stealer, one of the biggest information-stealing malware variants.
In a press release published on the DoJ website earlier this week, it was explained that law enforcement organizations have seized five internet domains used to deploy LummaC2. Threat actors tried to move their operations and set up three new domains, which were also quickly seized by the DoJ.
In addition, Microsoft has taken down 2,300 additional internet domains linked to LummaC2 criminal activities.
High-profile attacks
Lumma Stealer is a popular infostealer that steals sensitive information such as login credentials, browser information and cryptocurrency wallet data. It is generally distributed through malicious websites and phishing campaigns, and has been seen in many high-profile cyber attacks. The seized domains were used by various cybercriminals to access and deploy the infostealer.
The FBI said that the malware has been used in at least 1.7 million instances since the end of 2023 and has resulted in around 10 million infections. These infections led to losses of more than $36 million in 2023 alone. The DoJ now offers a reward of $10 million for information on cyber attacks against American infrastructure carried out by foreign state-sponsored threat actors.
Lumma has been involved in many high-profile cybercrime cases, including the attack on Schneider Electric which occurred in early November 2024. In this case, Hudson Rock researchers revealed that the criminals behind the attack claimed to have stolen “critical data”, including projects, issues and plugins, as well as 400,000 rows of user data, totaling more than 40 GB of compressed data.
The same infostealer was apparently also used to steal credentials which were then used to break into people’s Snowflake storage accounts, triggering one of the larger supply chain attacks in recent times.
Via The Register