


Microsoft Says 394,000 Windows Computers Infected By Lumma Malware Globally (cnbc.com)
An anonymous reader quotes a report from CNBC: Microsoft said Wednesday that it broke down the Lumma Stealer malware project with the help of law enforcement officials across the globe. The tech giant said in a blog post that its digital crimes unit discovered more than 394,000 Windows computers were infected by the Lumma malware worldwide between March 16 and May 16. The Lumma malware was a favorite hacking tool used by bad actors, Microsoft said in the post. Hackers used the malware to steal passwords, credit cards, bank accounts and cryptocurrency wallets.
Microsoft said its digital crimes unit was able to dismantle the web domains underpinning Lumma's infrastructure with the help of a court order from the U.S. District Court for the Northern District of Georgia. The U.S. Department of Justice then took control of Lumma's "central command structure" and squashed the online marketplaces where bad actors purchased the malware. The cybercrime control center of Japan "facilitated the suspension of locally based Lumma infrastructure," the blog post said. "Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims," Microsoft said in the post. "Moreover, more than 1,300 domains seized by or transferred to Microsoft, including 300 domains actioned by law enforcement with the support of Europol, will be redirected to Microsoft sinkholes." Cloudflare, Bitsight and Lumen also helped break down the Lumma malware ecosystem.
Meanwhile, back in Redmond (Score:5, Interesting)
Re: (Score:3)
Indeed. Fortunately that will be quite illegal in the EU. I guess the EU will get a special version and the US users will just have to swallow that frog.
Re: (Score:2)
...update that registry setting...
Obviously most won't, but at least the option likely has to exist somewhere to configure it since corporate customers also won't allow such things to exist.
Re: (Score:3)
They're also killing off security updates for Windows 10 this year, ensuring that thousands more systems will be added to these botnets soon!
Maybe if MS products were not insecure crap.. (Score:5, Insightful)
We would not have that problem. But as an IT security expert, my impression is it is now harder to use Windows securely than Linux.
Re: (Score:3)
My last experience with Windows 11 informs me that it's just plain hard to use Windows at all, securely or otherwise. We've been using Debian with Gnome with some public-facing computers, and there have been literally no issues at all.
Re: (Score:2)
We would not have that problem. But as an IT security expert, my impression is it is now harder to use Windows securely than Linux.
My most recent job was with a Fortune 500 company (bottom half of that group) that due to a severance agreement that has a bit longer left to go, I can't name. It's not secret stuff. They just don't want me talking bad about them for a while. I wasn't an IT security guy per se, but I did Linux internal support for the company and that got me in touch with various parts of the company. My experience was exactly what you said, that we had way more security problems with Windows. The most serious hac
Re: (Score:2)
It is true that Windows has always been insecure. And it's also true that Linux and Mac OS and iOS and Android are all insecure. So why does Windows get all the attention? Simple, that's where the money is.
Oh, and your house is insecure too, and your car, and everything else that has any kind of "security." It takes a robber less than 30 seconds to break into your house or car.
Why on earth does anyone think something as complex as a computer could be "secure"?
Re: (Score:2)
as an IT security expert
Blaming MS for end user behaviour tells me you know less about security than you do about Linux.
As an *actual*, credentialed, "security expert" - malware doesn't magically appear on the endpoint. It requires assistance from the mouth-breather using the endpoint. Every. Damn. Time.
No system is perfectly secure and Linux has just as many problems... albeit different ones with a significantly smaller user base.
But do keep spreading the FUD. It seems to make you happy.
Need to close the Win+R trick (Score:2)
Re:Need to close the Win+R trick (Score:4, Interesting)
Can I Has Sinkhole? (Score:1)
Me use it good. Me promise.
Microsoft Cyber Police (Score:3)
The Microsoft Digital Crimes Unit: Microsoft are the cyber police?
Re: (Score:3)
You're assuming they detect the crimes rather than commit them.