Information-stealing malware Lumma, also known as LummaC2, had its infrastructure disrupted following an international law enforcement operation led by the U.S., EU, and Microsoft, reports The Record, a news site by cybersecurity firm Recorded Future.
Nearly 2,300 malicious domains linked to the Lumma infostealer have been suspended and blocked by Microsoft, which was also able to dismantle Japanese and European infrastructure, while an additional five domains were sequestered by the U.S. government. While Lumma could reorganize in the future, such a takedown effort remains valuable in reducing trust in the cybercrime landscape, according to FBI senior official Brett Leatherman. "I think these actors should know that when we have the technical capacity to do this, there are operational security concerns within that ecosystem that they should take note of and maybe not trust the operational security of their colleagues in this environment because of technical operations like this," Leatherman added.