Earlier this month, a coordinated disruption action targeting the Lumma malware-as-a-service (MaaS) information stealer operation seized thousands of domains, part of its infrastructure backbone worldwide.

Microsoft has teamed up with law enforcement agencies across the globe to disrupt the infrastructure behind one of the world’s most notorious infostealer operations. Microsoft said that, between March 16 and May 16, it identified over 394,000 Windows computers globally that were infected with Lumma Stealer malware.

The Lumma infostealer has become a popular way for hackers to steal sensitive data like banking information and cryptocurrency wallets.

According to FBI Deputy Assistant Director for Cyber Operations Brett Leatherman, who called it the "most prolific information stealer for sale in online criminal markets," Lumma has been used in at least 1.7 million instances of this kind of data theft since November 2023.