A worldwide strike on a malware-as-a-service large
LummaC2, additionally recognized merely as Lumma, is a complicated Malware-as-a-Service (MaaS) bought on underground boards since 2022. It allows menace actors to steal login credentials, bank card data, cryptocurrency pockets information, and different delicate digital property.
Within the weblog, Microsoft revealed that between March 16 and Could 16 this 12 months, it detected over 394,000 Home windows units globally contaminated by Lumma. The malware’s attain spans throughout industries and geographies — from important infrastructure and training methods to monetary establishments and gaming communities.
“Lumma has grow to be a go-to instrument for cybercriminals and ransomware operators, together with the infamous Octo Tempest group,” Microsoft said within the weblog submit, emphasizing the malware’s evasive capabilities and ease of use. It typically spreads by way of phishing campaigns, pretend advertisements, and impersonation of trusted manufacturers like Reserving.com and Microsoft itself.
