A world strike on a malware-as-a-service large
LummaC2, additionally identified merely as Lumma, is a complicated Malware-as-a-Service (MaaS) bought on underground boards since 2022. It permits risk actors to steal login credentials, bank card data, cryptocurrency pockets knowledge, and different delicate digital property.
Within the weblog, Microsoft revealed that between March 16 and Could 16 this yr, it detected over 394,000 Home windows units globally contaminated by Lumma. The malware’s attain spans throughout industries and geographies — from essential infrastructure and schooling techniques to monetary establishments and gaming communities.
“Lumma has develop into a go-to device for cybercriminals and ransomware operators, together with the infamous Octo Tempest group,” Microsoft acknowledged within the weblog put up, emphasizing the malware’s evasive capabilities and ease of use. It usually spreads by way of phishing campaigns, faux advertisements, and impersonation of trusted manufacturers like Reserving.com and Microsoft itself.
