2 Aug 2025, Sat

Microsoft has disrupted the Lumma Stealer malware, which infected 394,000 Windows computers.

Microsoft has successfully disrupted the infrastructure of Lumma Stealer, a highly dangerous malware used by hackers in recent times. Working with international authorities, the operation cut off the malware's communication with infected devices and blocked access to the underground markets where the software was distributed.

Lumma Stealer impacted close to 400,000 computers within a span of two months.

Between March 16 and May 16, 2025, Microsoft discovered 394,000 Windows computers infected with Lumma Stealer in multiple countries. The malware, distributed since 2022, was designed to steal passwords and financial information and to facilitate the installation of additional malicious software.

Nearly 400,000 Windows PCs were infected in just two months. Source: Microsoft
Image: karvanth/DepositPhotos

Microsoft stated that Lumma has become a popular tool among cybercriminals because it is easy to distribute and difficult to detect. It has been used in phishing campaigns such as fake Booking emails and has targeted various sectors, including gaming communities, schools, hospitals, logistics companies, factories, and critical infrastructure.

With backing from the Georgia District Court in the United States, the company disabled more than 1,300 hacker-controlled domains associated with the malware. Approximately 300 of these domains were taken down in collaboration with Europol, and five key domains were seized by the U.S. Department of Justice.

All of these domains now point to “sinkhole” servers, which block communication between compromised computers and the malware's operators, thanks to Japan’s cooperation in suspending the local servers used by Lumma.

Cloudflare and Lumen provided assistance as well.

Large technology companies like Cloudflare, Bitsight, and Lumen assisted in tracking and disabling the technical resources used by criminals during the operation. Microsoft emphasized the importance of collaboration between the public and private sectors to address advanced digital threats.


What should you do if you have been infected?

If you suspect your computer might be infected, promptly update the operating system and antivirus software. Microsoft also suggests reviewing and changing important passwords and credentials, particularly if you use digital wallets, online banking, or critical services accessed through the browser.
