Europol and Microsoft disrupt world’s largest infostealer Lumma


Europol’s European Cybercrime Centre has worked with Microsoft to disrupt Lumma Stealer (“Lumma”), the world’s most significant infostealer threat.

This joint operation targeted the sophisticated ecosystem that allowed criminals to exploit stolen information on a massive scale. Europol coordinated with law enforcement in Europe to ensure action was taken, leveraging intelligence provided by Microsoft. Between 16 March and 16 May 2025, Microsoft identified over 394 000 Windows computers globally infected by the Lumma malware. In a coordinated follow-up operation this week, Microsoft’s Digital Crimes Unit (DCU), Europol, and international partners have disrupted Lumma’s technical infrastructure, cutting off communications between the malicious tool and victims.

Read more…
Source: Europol


Sign up for our Newsletter
The latest news and insights delivered right to your inbox.


Related:

  • NetNut cracked as Google and FBI target 2 million-device botnet

    July 3, 2026

    Tech companies working with US law enforcement “significantly degraded” the NetNut residential proxy network as part of an ongoing effort to disrupt the tools cybercriminals use to conceal their activity, say researchers. The work was carried out by Google, Lumen, Shadowserver, the FBI, and others, and marks a continuation of the IPIDEA proxy network disruption from January. According to Google Cloud, ...

  • FBI: Cyber Criminal Group TeamPCP

    July 2, 2026

    The Federal Bureau of Investigation (FBI) is releasing this FLASH to highlight the tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with the cyber criminal group TeamPCP. TeamPCP actors have conducted large-scale software supply chain compromises by targeting widely used developers and security tools, gaining access to victim environments and extracting sensitive ...

  • Nearly 400 illegal World Cup 2026 streaming sites taken offline by US DOJ

    June 30, 2026

    Almost 400 domains have been seized as part of Operation Offsides – a coordinated global effort to take down sites illegally streaming the FIFA World Cup 2026. The sites were seized by the US Justice Department’s Criminal Division for violating copyright and intellectual property law. The takedowns were coordinated by members of the International Computer Hacking and ...

  • Global cyber strike disrupts SocGholish, Amadey, and StealC malware networks

    June 24, 2026

    Europol together with partners from across the globe today announces a landmark blow to cybercriminal networks as part of Operation Endgame, a sweeping international operation targeting the criminal infrastructure behind ransomware and malware like SocGholish, Amadey, and StealC. In coordinated actions over the past two weeks, key components of these malicious toolkits were dismantled as ...

  • Cyber criminals who hacked into Transport for London’s computer network are convicted

    June 22, 2026

    Two young men have admitted mounting a cyber attack on Transport for London (TfL), which cost tens of millions of pounds in losses and inconvenienced thousands of customers. The National Crime Agency and City of London Police investigated Thalha Jubair, 20, from East London, and Owen Flowers, 18, from Walsall, West Midlands, after TfL’s network was ...

  • UK: Derbyshire police officer investigated over alleged use of AI to ‘create evidence’

    June 13, 2026

    A Derbyshire police officer is being investigated over claims they used artificial intelligence (AI) to create evidence in criminal cases. The investigation is the first known case of its kind in UK criminal justice and has seen the cop removed from frontline duties. The Crown Prosecution Service (CPS) said it was “engaging with” defence lawyers and the courts over ...