Microsoft has recently sounded the alarm over a burgeoning malware scourge, Lumma, which has invaded nearly 394,000 Windows PCs. This password stealer is commonly found in sketchy video games and pirated software you can find online. It represents a significant danger to individuals and institutions.
The Lumma malware has also had a hand in a second wave of major cyberattacks. These attacks have resulted in the loss of terabytes of sensitive data from some of the largest tech companies. Not surprisingly, it was at the center of the cyberattacks against PowerSchool and Snowflake, both of which manage highly sensitive and protected data. The malware isn’t just intercepting login pages; it goes after passwords before they are even saved. Criminal hackers use the access it provides as a backdoor, installing additional malicious software such as ransomware.
A significant aspect of Lumma’s operation is its network of command and control servers, which drive the malware’s functionality and let the operators keep control over infected systems. Microsoft has taken proactive measures against this emerging threat by starting civil action in a federal court. The tech giant is asking the court for control of 2,300 domains that Lumma uses as part of its command and control infrastructure.
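Because Lumma depends on those command and control domains, one practical defensive check is to compare DNS query logs against the list of domains named in a takedown. The script below is an added example, not code from the article or from Microsoft; the domain list and the log lines are constructed placeholders, and the log format (`<timestamp> <client_ip> query <qname>`) is an assumption made for the example. A real deployment would load the domains from the court filing or a threat-intelligence feed and read the resolver’s actual log format.

```python
"""
Added example: flag DNS lookups for domains on a seizure/sinkhole list,
matching both the listed domain and any subdomain of it.
The blocklist and log lines are constructed placeholders, not real
Lumma infrastructure.
"""
from typing import Dict, Iterable, List, Optional, Set, Tuple

# Constructed placeholder list (hypothetical); replace with the domains
# actually published in the legal action or a threat-intel feed.
SEIZED_C2_DOMAINS: Set[str] = {
    "example-c2-placeholder.invalid",
    "another-seized-placeholder.test",
}

# Constructed sample log lines in the assumed format
# '<timestamp> <client_ip> query <qname>'; resolvers often write the
# FQDN with a trailing dot, which normalize() strips.
SAMPLE_LOG: List[str] = [
    "2025-05-21T10:02:11Z 10.0.0.15 query www.example-c2-placeholder.invalid.",
    "2025-05-21T10:02:12Z 10.0.0.15 query update.microsoft.com.",
    "2025-05-21T10:03:40Z 10.0.0.22 query another-seized-placeholder.test",
    "this line is deliberately malformed",
]


def normalize(domain: str) -> str:
    """Lowercase and drop the trailing dot so comparisons are exact."""
    return domain.strip().lower().rstrip(".")


def matches_blocklist(domain: str, blocklist: Set[str]) -> Optional[str]:
    """Return the blocklist entry that `domain` equals or is a subdomain of, else None."""
    labels = normalize(domain).split(".")
    # Walk from the full name up to its parents: a.b.c -> a.b.c, b.c, c
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocklist:
            return candidate
    return None


def parse_dns_log_line(line: str) -> Optional[Tuple[str, str, str]]:
    """Parse the assumed format; return (timestamp, client_ip, qname) or None."""
    parts = line.split()
    if len(parts) != 4 or parts[2] != "query":
        return None
    return parts[0], parts[1], parts[3]


def find_c2_lookups(lines: Iterable[str],
                    blocklist: Set[str] = SEIZED_C2_DOMAINS) -> List[Dict[str, str]]:
    """Return one record per log line whose queried name is on the blocklist."""
    hits: List[Dict[str, str]] = []
    for line in lines:
        rec = parse_dns_log_line(line)
        if rec is None:
            continue  # malformed lines are skipped, not treated as hits
        ts, client, qname = rec
        matched = matches_blocklist(qname, blocklist)
        if matched:
            hits.append({"timestamp": ts, "client": client,
                         "qname": normalize(qname), "matched": matched})
    return hits


if __name__ == "__main__":
    for hit in find_c2_lookups(SAMPLE_LOG):
        print(f"{hit['timestamp']} {hit['client']} looked up {hit['qname']} "
              f"(blocklisted as {hit['matched']})")
```

A hit on a seized domain does not prove an infection on its own, since clients can resolve a sinkholed name for other reasons, but it identifies which hosts to look at first. Matching on parent domains matters because malware frequently rotates subdomains while the registrable domain stays the same.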
One of the most scandalous abuses associated with Lumma was a major security lapse. After gaining access to PowerSchool engineers’ workstations, attackers were able to lock down all of the internal passwords those engineers held. In a related Snowflake incident, customer passwords linked to Snowflake accounts were found exposed online, calling into question the company’s data protection and privacy practices.
Video game developer Valve, perhaps best known for the Half-Life series, has moved against this growing menace. It pulled down an ad for a video game demo that it suspected was harboring Lumma. As the abuse has ramped up, so has this kind of enforcement, which prioritizes stopping the malware’s spread under the guise of harmless apps.
As any expert or hacker will tell you, users should avoid downloading programs from unknown developers. Lumma thrives in these environments because they are so easy to exploit. The existence of this malware not only puts corporate users at a distinct disadvantage but places the entire corporate security community at risk.