Microsoft Threat Intelligence observed the persistent growth and operational sophistication of Lumma Stealer, an info-stealing malware used by multiple financially motivated threat actors to target various industries.

The bustling enterprise, recently disrupted by a global effort including ESET, is notorious for going after all manner of sensitive data, including passwords, credit card numbers, and cryptowallet info.

Cybercriminals use torrents to push malware disguised as the latest Mission: Impossible – The Final Reckoning movie.

US, European, and Japanese authorities, along with tech companies including Microsoft and Cloudflare, say they’ve disrupted Lumma, an infostealer popular with criminal gangs.

The disruption operation, led by Microsoft, aims to seize all known Lumma Stealer C&C domains, rendering Lumma Stealer’s exfiltration infrastructure nonfunctional. ESET will continue to track other infostealers while closely monitoring for Lumma Stealer activity following this disruption operation.

The messages seemed innocuous, mundane even. Someone posing as a prospective guest emailed a hotel questions about a purported comment left on Booking.com. Another message was supposedly from that third-party booking site to review negative guest feedback.

Law enforcement and Microsoft struck a blow against malware used to steal login credentials and financial data, seizing the central command structure and thousands