Microsoft demolins malicious software at 394,000 PC Windows

Infostealer Malware has recently increased, and this is evident from the Millions of user records were leaked online only in the last year. This type of malicious software addresses everything from your name, phone number and address to financial details and cryptocurrency. The charge is the Lumma Infostealer.

I have been reporting this malicious software since last year, and security researchers have called it one of the most dangerous infostelers, infecting millions. There have been countless light incidents aimed at people’s personal data (more information about it later), but the good news is that Microsoft has demolished it.

The Redmond -based company announced that it has dismantled Lumma Stealer’s malicious software operation with the help of police agencies around the world.

UNIV: Get my expert technology tips, critical security alerts and exclusive offers, as well as instantaneous access to my Free Survival Guide to the definitive scam When you register!

What you need to know

Microsoft confirmed that he has successfully demolished the Lumma Stealer malicious software network in collaboration with police agencies around the world. In a Bloc publicationThe company revealed that its digital crime unit had tracked infections in more than 394,000 Windows devices worldwide between March 16 and May 16.

Lumma was an ideal tool for cybercrimers, often used by Sifon sensitive information such as login credentials, credit card numbers, bank account details and cryptocurrency portfolio data. The scope and impact of malicious software became a choice favored between the actors of threat to financial theft and data breach.

Mass breach of data exposes 184 million passwords and login starts

To alter the operation of malicious software, Microsoft obtained a court order from the United States District Court for the Northern District of Georgia, which allowed the company to demolish key domains that support Lumma’s infrastructure. It was followed by the United States Justice Department to take advantage of the control of the Lumma Basic Command System and closed the markets where the malicious software was sold.

International cooperation also played an important role. The Japan cybercrime unit helped dismantle Lumma Local Infrastructure, while Europol helped actions against hundreds of domains used in the operation. In total, more than 1,300 domains were requisitioned or redirected to Microsoft -managed holes to avoid further damage.

Microsoft says that this retirement effort also included the support of industry partners such as Cloudflare, Bitsight and Lumen, which helped dismantle the broadest ecosystem that allowed Lumma to prosper.

New software programmers explodes fake updates to steal data

More information about the infosteler lumm

Lumma is a malicious software as a service (Maas) that has been marketed and sold through underground forums since at least 2022. Over the years, its developers have launched multiple versions to constantly improve their capabilities. I first reported Lumma in February 2024, when it was used by pirates to access Google accounts Using expired cookies containing login information.

Lumma Continuous oriented usersWith the reports of October 2024, they were revealed that it was False Human Verification Pages To deceive Windows users to share sensitive information. Malicious software was not limited to Windows. In January 2024, security researchers found that malicious software Infostealer was Guidance of 100 million Mac usersStealing credentials from your browser, cryptocurrency portfolios and other personal data.

How to eliminate malicious software in a PC (2025)

6 ways to protect –S of the malware infostealer

In order to protect the evolutionary threat of Malicious Infostealer software, which continues to address users through sophisticated social engineering tactics, consider these six essential safety measures:

1. Be skeptical of CAPTCHA’s directions: CAPTCHA’s legitimate tests never require you to press Windows + R, copy orders or paste anything to Powershell. If a website tells you that you do it, it is likely to be a scam. Close the page immediately and avoid interacting with it.

2. Do not click the non -verified email links and use a strong antivirus software: Many infostealer attacks begin with Phishing emails that supplant trust services. Always verify the sender before clicking the links. If an email seems urgent or unexpected, go directly to the company’s official website instead of clicking on any link inside the email.

The best way to protect the malicious links that install malicious software, which can potentially access private information, is to install a strong antivirus software on all your devices. This protection can also alert you to Phishing emails and ransomware scams, maintaining safe personal information and digital assets. Get my options for the best antivirus 2025 protection winners for your Windows, Mac, Android and iOS devices.

3. Activate the authentication of two factors: Enable Authentication of two factors (2f) whenever possible. This adds an additional security layer requiring a second form of verification, such as a code sent to the phone, as well as your password.

4. Keep updated devices: Regularly Update your operating system, browser and safety software Ensures that you have the last patches against known vulnerabilities. Cyberdelinquents exploit obsolete systems, so allowing automatic updates is a simple but effective way to keep it protected.

What is artificial intelligence (AI)?

5. Supervise your accounts for suspicious activities and change the passwords: If you have interacted with a suspicious website, a phishing email or a fake login page, see your online accounts for any unusual activity. Find unexpected login attempts, unauthorized password resetings or financial transactions you do not recognize. If something seems disabled, change your passwords immediately and report the activity to the relevant service provider. Also consider using a Password manager to generate and store complex passwords. Get more details about my The best password managers reviewed by 2025 experts here.

6. Invest in a personal data removal service: Consider using a service that supervises your personal information and alert you to possible breaches or unauthorized use of your data. These services can provide signs of early alert for identity theft or other malicious activities arising from malicious infosteler software or similar attacks. While no service promises to delete all of your Internet data, having a delete service is excellent if you want to constantly control and automate the process of eliminating the information of hundreds of places continuously for a longer period of time. ​Check out my best options for data removal services here.

Get a Free Exploration To know if your personal information is already on the net.

Malware clothes of bank cards and passwords of millions of devices

Kurt’s Key Takeaway

Microsoft withdrawal from Lumma Streeter software network is an important victory in the fight against infostelers, which have driven an increase in data breaches over the last year. Lumma had become an ideal tool for cybercrime, addressing everything from the browser credentials to the crypt wallets through Windows and Mac Systems. I have been tracking this malicious software since the beginning of 2024, and its ability to supplant human verification pages and expired cookies of abuse made it especially dangerous.

Click here to get the Fox News app

Do you think technology companies are doing enough to protect malicious software users like this? Do -us to know by writing -us to Cyberguy.com/contact

For more information on my technology tips and security alerts, subscribe -Free Cyberguy Report Bulletin Cyberguy.com/newsletter

Ask a question to Kurt or to know what stories you would like to cover

Follow Kurt in their social channels

Answers to Cyberguy Questions Most Failed:

New of Kurt:

Copyright 2025 cyberguy.com. All rights reserved.