MetaEra News, May 22 (UTC+8), on May 22, law enforcement successfully seized the critical infrastructure of the malicious software LummaC2, which targeted the theft of cryptocurrency wallet recovery phrases from millions of users. This operation was jointly executed by the U.S. Department of Justice, Europol, the Japan Cyber Crime Control Center, Microsoft, and others. According to Microsoft data, over 394,000 Windows systems were found to be infected with this malware globally from March to May 2025. Microsoft has seized and disabled more than 2,300 domain names supporting the operation of LummaC2 through civil litigation. The FBI confirmed that there were at least 1.7 million theft attempts involving LummaC2 alone. This malware was launched in 2022 by a Russian developer known by the username 'Shamel', primarily marketed through Telegram and Russian forums, offering tiered service packages that allowed buyers to customize, distribute, and track stolen data. (Source: TechFlow)
