ADVERTISEMENT

Lumma malware threat disrupted as DOJ and Microsoft takedown over 2300 malicious domains

The US Justice Department and Microsoft on Wednesday announced the takedown of over 2300 malicious domains, disrupting the central infrastructure of one of the most popular info-stealing malware tools used by cybercriminals today – the LummaC2 Infostealer.

Lumma Infostealer domain seizure notice

Image by Microsoft

Stefanie Schappert
Stefanie Schappert Senior Journalist
May 22, 2025 Updated: 28 May 2025 4 min read

1.7 million instances of Lumma used for theft

LummaC2 heat map of infected Windows computers
Microsoft heat map of Windows computers infected with the Lumma Inforstealer malware. Image by Microsoft Digital Crimes Unit.
ADVERTISEMENT
Ernestas Naprys Gintaras Radauskas vilius jurgita
Get our latest stories today on Google News
Add us as your Preferred Source on Google.

Malware-as-a-Service marketed on underground forums

Lumma Infostealer payment tiers
Different tiers of service for Lumma, as well as Lumma’s logo used on marketing material. Image by Darktrace.
ADVERTISEMENT