gpt]
Rewrite the content fetched from
Lumma infostealer disrupted in joint Microsoft, industry and global law enforcement takedown
The Lumma infostealer operation has been taken down in a collaborative effort between global law enforcement agencies and industry titans.
Lumma malware is an information stealer that is sold on dark web and underground forums to cyber criminals, providing them the tools to access devices and harvest all the information and data they can get their hands on, affecting hundreds of victims daily.
The US Department of Justice (DoJ), Europol, and Japanese cyber law enforcement agencies, alongside Microsoft, Cloudflare, ESET and more, participated in the takedown and seizure of the Lumma malware-as-a-service and infostealer.
You’re out of free articles for this month
The takedown operation began when Microsoft discovered 394,000 Windows devices infected with the Lumma infostealer malware around the globe.
“Between March 16, 2025, and May 16, 2025, Microsoft identified over 394,000 Windows computers globally infected by the Lumma malware,” wrote assistant general counsel for Microsoft’s Digital Crimes Unit, Steven Masada.
“Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims.”
On 13 May 2025, Microsoft took legal action against Lumma, leading to the seizure of 2,300 domains.
“Via a court order granted in the United States District Court of the Northern District of Georgia, Microsoft’s DCU seized and facilitated the takedown, suspension and blocking of approximately 2,300 malicious domains that formed the backbone of Lumma’s infrastructure,” Masada added.
Simultaneously, the US DoJ seized Lumma’s control panel, disrupting its ability to offer its malware to cyber criminals on dark web marketplaces, while Japan’s Cybercrime Control Centre and Europol’s European Cybercrime Centre seized local infrastructure in Japan and Europe.
Blake Darché, head of Cloudforce One at Cloudflare, one of the companies that assisted in the takedown, said the operation will disrupt and delay Lumma’s operations, but that they will rebuild.
“This disruption worked to fully setback their operations by days, taking down a significant number of domain names, and ultimately blocking their ability to make money by committing cyber crime,” he said.
“While this effort threw a sizeable wrench into the largest global infostealers infrastructure, like any threat actor, those behind Lumma will shift tactics and re-emerge to bring their campaign back online.”
However, as highlighted by the head of Europol’s European Cybercrime Centre, Edvardas Šileris, the operation marks the importance of cooperating with industry and a shift in how these cyber criminal takedowns take place.
“This operation is a clear example of how public-private partnerships are transforming the fight against cyber crime.
“By combining Europol’s coordination capabilities with Microsoft’s technical insights, a vast criminal infrastructure has been disrupted. Cyber criminals thrive on fragmentation – but together, we are stronger.”
Daniel Croft
Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
into a completely fresh, human-written article that feels authentic and naturally written. The tone must reflect everyday human communication—professional, clear, and engaging without sounding like it’s generated by AI. Strictly avoid generic AI-style phrases, exaggerations, filler lines, or hallucinated content.
Structure the article with appropriate subheadings (H2, H3, etc.) and ensure it is *at least 500 words*. Each paragraph should be well-structured, focusing on a specific angle or detail from the source.
Incorporate *high-ranking SEO keywords* relevant to the topic where naturally appropriate—never forced. Prioritize keyword-rich phrases commonly searched online while maintaining readability and flow.
Use real-world phrasing, straight facts, and simple but intelligent language as used in human-authored blogs or news articles. Avoid summaries or conclusions; focus purely on rewriting the key points into a compelling narrative without inventing new ideas.
Do not add your own opinions or additional content—strictly rephrase and rewrite the original source material in a fresh, optimized, and human-sounding format.
[/gpt3]
