Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries.

The bustling enterprise, recently disrupted by a global effort including ESET, is notorious for going after all manner of sensitive data, including passwords, credit card numbers, and cryptowallet info.

US, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs.

Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains, part of its infrastructure backbone worldwide.

The messages seemed innocuous, mundane even. Someone posing as a prospective guest emailed a hotel questions about a purported comment left on Booking.com. Another message was supposedly from that third-party booking site to review negative guest feedback.

Microsoft announced a coordinated effort to hobble Lumma Stealer, a widely used piece of malware known for stealing personal information and enabling ransomware attacks. The company on Wednesday said it… Read More