Microsoft takes down malware found on 394,000 Windows PCs
Infostealer malware has been on the rise recently, and that is evident from the billions of user records leaked online in the last year alone. This type of malware targets everything, from your name, phone number and address to financial details and cryptocurrency. Leading the charge is the Lumma infostealer.
I have been reporting on this malware since last year, and security researchers have called it one of the most dangerous infostealers, infecting millions. There have been countless incidents of Lumma targeting people's personal data (more on this later), but the good news is that Microsoft has taken it down.
The Redmond-based company announced that the Lumma Stealer malware operation has been dismantled with the help of law enforcement agencies worldwide.
What you need to know
Microsoft confirmed that it has successfully taken down the Lumma Stealer malware network in collaboration with law enforcement agencies around the world. In a blog post, the company revealed that its Digital Crimes Unit had tracked infections on more than 394,000 Windows devices worldwide between March 16 and May 16.
Lumma was a go-to tool for cybercriminals, often used to siphon sensitive information such as login credentials, credit card numbers, bank account details and cryptocurrency wallet data. The malware's reach and impact made it a favored choice among threat actors for financial theft and data breaches.
To disrupt the malware's operation, Microsoft obtained a court order from the United States District Court for the Northern District of Georgia, which allowed the company to take down key domains that supported Lumma's infrastructure. The United States Department of Justice then stepped in to take control of Lumma's central command system and shut down the marketplaces where the malware was sold.
International cooperation also played an important role. Japan's cybercrime unit helped dismantle Lumma's locally hosted infrastructure, while Europol assisted with action against hundreds of domains used in the operation. In total, more than 1,300 domains were seized or redirected to Microsoft-managed sinkholes to prevent further harm.
Microsoft says this takedown effort also included support from industry partners such as Cloudflare, Bitsight and Lumen, which helped dismantle the broader ecosystem that allowed Lumma to thrive.

More about the Lumma infostealer
Lumma is a malware-as-a-service (MaaS) that has been marketed and sold through underground forums since at least 2022. Over the years, its developers have released multiple versions to continually improve its capabilities. I first reported on Lumma in February 2024, when it was used by hackers to access Google accounts using expired cookies containing login information.
Lumma continued to target users, with reports in October 2024 revealing that it was using fake human verification pages to trick Windows users into sharing sensitive information. The malware was not limited to Windows. In January 2024, security researchers found it aimed at 100 million Mac users, stealing browser credentials, cryptocurrency wallets and other personal data.

6 ways you can protect yourself from infostealer malware
To protect yourself from the evolving threat of infostealer malware, which continues to target users through sophisticated social engineering tactics, consider taking these six essential security measures:
1. Be skeptical of CAPTCHA prompts: Legitimate CAPTCHA tests never require you to press Windows + R, copy commands or paste anything into PowerShell. If a website tells you to do this, it is likely a scam. Close the page immediately and avoid interacting with it.
2. Do not click links from unverified emails and use strong antivirus software: Many infostealer attacks begin with phishing emails that pose as trusted services. Always check the sender before clicking on links. If an email seems urgent or unexpected, go directly to the company's official website instead of clicking any link inside the email.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
3. Enable two-factor authentication: Turn on two-factor authentication (2FA) whenever possible. This adds an additional security layer by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
4. Keep your devices updated: Regularly updating your operating system, browser and security software ensures that you have the latest patches against known vulnerabilities. Cybercriminals exploit outdated systems, so enabling automatic updates is a simple but effective way to stay protected.
5. Monitor your accounts for suspicious activity and change your passwords: If you have interacted with a suspicious website, a phishing email or a fake login page, check your online accounts for any unusual activity. Look for unexpected login attempts, unauthorized password resets or financial transactions that you do not recognize. If something seems off, change your passwords immediately and report the activity to the relevant service provider. In addition, consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed password managers of 2025 here.
6. Invest in a personal data removal service: Consider using a service that monitors your personal information and alerts you to possible breaches or unauthorized use of your data. These services can provide early warning signs of identity theft or other malicious activity resulting from infostealer malware or similar attacks. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. See my top picks for data removal services here.
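An added example, not part of the original article: the Windows Run dialog keeps a per-user history in the registry (RunMRU), so a command pasted there after a fake CAPTCHA prompt of the kind described in tip 1 can be reviewed afterwards. The pattern lists, the two-signal threshold and the sample entries are assumptions constructed for illustration.

```python
import re
import sys

RUNMRU_KEY = r"Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU"
# Assumed, non-exhaustive patterns for script hosts and fake-verification lure text.
SCRIPT_HOSTS = re.compile(r"\b(powershell|pwsh|mshta|cmd|wscript|curl)(\.exe)?\b", re.I)
LURE_TEXT = re.compile(r"not a robot|captcha|verif", re.I)

def review_runmru(values):
    """Return (name, command, reasons) for Run-dialog entries worth a closer look."""
    findings = []
    for name, data in sorted(values.items()):
        if name.lower() == "mrulist":  # ordering string, not a command
            continue
        command = data[:-2] if data.endswith("\\1") else data  # drop "\1" marker
        reasons = []
        if SCRIPT_HOSTS.search(command):
            reasons.append("starts a script host or downloader")
        if re.search(r"https?://", command, re.I):
            reasons.append("contains a URL")
        if LURE_TEXT.search(command):
            reasons.append("contains verification-lure text")
        if len(reasons) >= 2:  # a single signal is ordinary admin use
            findings.append((name, command, reasons))
    return findings

def read_runmru():
    """Read the current user's Run-dialog history (Windows only)."""
    import winreg
    values = {}
    try:
        key = winreg.OpenKey(winreg.HKEY_CURRENT_USER, RUNMRU_KEY)
    except FileNotFoundError:  # the Run dialog has never been used
        return values
    with key:
        for i in range(winreg.QueryInfoKey(key)[1]):
            name, data, _ = winreg.EnumValue(key, i)
            values[name] = str(data)
    return values

# Constructed sample history; the arguments and host name are placeholders.
SAMPLE = {
    "MRUList": "cba", "a": "notepad\\1", "b": "cmd\\1",
    "c": "powershell <PLACEHOLDER_ARGS> https://example.invalid/x # I am not a robot\\1",
}
if __name__ == "__main__":
    entries = read_runmru() if sys.platform == "win32" else SAMPLE
    for name, command, reasons in review_runmru(entries):
        print(f"[{name}] {command[:80]} -> {', '.join(reasons)}")
```

A flagged entry is a reason to run a full antivirus scan and change passwords from a clean device; an empty result does not prove the machine is clean, since the history can be cleared.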
Kurt's key takeaway
Microsoft's takedown of the Lumma Stealer malware network is a major win in the fight against infostealers, which have fueled a surge in data breaches over the past year. Lumma had become a go-to tool for cybercriminals, targeting everything from browser credentials to crypto wallets on Windows and Mac systems. I have been tracking this malware since the beginning of 2024, and its ability to impersonate human verification pages and abuse expired cookies made it especially dangerous.
Copyright 2025 Cyberguy.com. All rights reserved.
Kurt “Cyberguy” Knutsson is an award-winning tech journalist who has a deep love for technology, gear and gadgets that make life better, with his contributions for News & News Business beginning mornings on “News & Friends”. Got a tech question? Get Kurt's free newsletter, share your voice, a story idea or a comment at Cyberguy.com.


