Microsoft (MSFT) and Global Partners Dismantle Lumma Stealer Malware Network

May 21, 2025

Microsoft (MSFT, Financial) has announced a major cybersecurity operation in collaboration with international law enforcement, effectively dismantling the "Lumma Stealer" malware network. From March 16 to May 16, over 394,000 Windows computers across the globe were infected with this malicious software, which is known for stealing sensitive data such as passwords, credit card information, and cryptocurrency wallets.

The Lumma malware, favored by cybercriminals for its ability to circumvent security barriers, was a prime tool for online threat actors. The operation led by Microsoft’s Digital Crimes Unit, backed by authorization from a U.S. federal court in Georgia, involved seizing over 1,300 domains linked to Lumma. These domains were redirected to Microsoft-controlled sinkholes to sever connections between the malware and its victims.

Key partners in this operation included the U.S. Department of Justice, Japan's Cybercrime Control Center, and Europol, with technical support from companies like Cloudflare and Lumen. Microsoft's commitment to cybersecurity extends to monitoring threats in industries like travel, gaming, education, and critical infrastructure, where Lumma has been active since 2022.

Disclosures

I/We may personally own shares in some of the companies mentioned above. However, those positions are not material to either the company or to my/our portfolios.

Research Tools

All-In-One Screener Stock Ideas Stock List Guru List Guru Real-Time Picks Insider List Insider Trades Economic Indicators Sector & Industry Performance DCF Calculator Discussion Board

Product

Pricing Plans Excel Add-In Google Sheets Add-on Data API Stock Comparison Table Manual of Stocks Instant Alerts Mobile App 中文

Education

Financial Glossary Tutorials FAQ Schedule Free Session Buffett Indicator Shiller P/E Yield Curve Today U.S. Inflation Rate Global Market Valuation Fed Net Liquidity Buffett Assets Allocation

Company

About GuruFocus Career Contact Us Advertise Term of Use Privacy Policy Referral Program Partner Program

Survey

We'd love to learn more about your experiences on GuruFocus.com and how we can improve!

Take Survey

Disclaimers

GuruFocus.com is not operated by a broker or a dealer. Under no circumstances does any information posted on GuruFocus.com represent a recommendation to buy or sell a security. The information on this site, and in its related newsletters, is not intended to be, nor does it constitute investment advice or recommendations. The individuals or entities selected as "gurus" may buy and sell securities before and after any particular article and report and information herein is published, with respect to the securities discussed in any article and report posted herein. Gurus may be added or dropped from the GuruFocus site at any time. In no event shall GuruFocus.com be liable to any member, guest or third party for any damages of any kind arising out of the use of any content or other material published or available on GuruFocus.com, or relating to the use of, or inability to use, GuruFocus.com or any content, including, without limitation, any investment losses, lost profits, lost opportunity, special, incidental, indirect, consequential or punitive damages. Past performance is a poor indicator of future performance. The information on this site, and in its related newsletters, is not intended to be, nor does it constitute investment advice or recommendations. The information on this site is in no way guaranteed for completeness, accuracy or in any other way. The gurus listed in this website are not affiliated with GuruFocus.com, LLC. Stock quotes are provided by QuoteMedia, Inc. (CSI). Company fundamental data is provided by Morningstar. Analyst estimates data is sourced from both Refinitiv and Morningstar, with priority given to Refinitiv data. Data is updated daily.