Key Findings: The takedown achieved a significant disruption to Lumma infostealers’ infrastructure, but likely didn’t permanently affect most of its Russia-hosted infrastructure. Lumma’s developers are undertaking significant efforts to reinstate the activity and to conduct business as usual. There seems to be a significant reputational damage to the Lumma infostealer, and the key factor for the infostealer to resume regular activity will be the reputational factors (rather than the technological). On May 21, 2025, Europol, FBI, and Microsoft, in collaboration with other public and private sector partners, announced an operation to dismantle the activity of the Lumma infostealer. The malware, […]
The post Lumma Infostealer – Down but Not Out? appeared first on Check Point Blog.