Lumma Stealer Crackdown Disrupts Cybercrime Operations

⁤ Updated May 29, 2025
‌ ⁤

the Lumma Stealer⁣ malware, a​ tool favored by cybercriminals, ‌is facing increased scrutiny. ​This malware is reportedly used⁢ in a range⁢ of illegal activities, including⁣ credit card fraud, ‌cryptocurrency theft, and initial access sales,‍ according to security experts.

Notably, the Scattered Spider hacking group, known ⁣for attacks on major corporations ​like Caesars Entertainment and MGM Resorts International, has been observed utilizing‍ the Lumma ​stealer. Additionally, the Lumma malware ‌was allegedly ⁢involved‍ in the December⁤ 2024 breach⁤ of PowerSchool, an education technology firm, where over 70 million records were compromised.

Wardle of DoubleYou noted the increasing operational significance of infostealers, stating that even nation-state​ actors are now ⁢developing and deploying ⁤them.

Ian Grey, director of analysis and‌ research at Flashpoint,‌ suggests that the prevalence of infostealers may help cybercriminals⁤ conceal thier activities. He added that even advanced threat⁣ groups are leveraging infostealer logs ⁣to ⁤avoid exposing sophisticated tactics.

Lumma is not the ​first infostealer to attract law ​enforcement attention. Last⁢ year,a⁣ coordinated international effort dismantled the infrastructure associated with the RedLine and MetaStealer malware.‍ The ​U.S. Department of Justice also unsealed charges against Maxim Orelnets, an alleged developer of the ⁣RedLine infostealer.

despite these crackdowns, infostealers remain a valuable and effective tool for attackers.​ Gray of Flashpoint believes that infostealers are ‍likely to remain prominent for the foreseeable future,citing their increased usage in recent years.

What’s next

Law enforcement agencies will‍ likely continue⁣ to target the infrastructure and developers behind prevalent infostealers like Lumma, but experts anticipate that‍ cybercriminals will adapt and continue to utilize these tools.