Technology
Microsoft takes down malware found on 394,000 Windows PCs
Infostealer malware has been on the rise recently, and that’s evident from the billions of user records leaked online in the past year alone. This type of malware targets everything from your name, phone number and address to financial details and cryptocurrency. Leading the charge is the Lumma infostealer.
I have been reporting on this malware since last year, and security researchers have called it one of the most dangerous infostealers, infecting millions. There have been countless incidents of Lumma targeting people’s personal data (more on this later), but the good news is that Microsoft has taken it down.
The Redmond-based company announced it has dismantled the Lumma Stealer malware operation with the help of law enforcement agencies around the world.
Join The FREE CyberGuy Report: Get my expert tech tips, critical security alerts, and exclusive deals – plus instant access to my free Ultimate Scam Survival Guide when you sign up!
Illustration of a hacker at work (Kurt “CyberGuy” Knutsson)
What you need to know
Microsoft confirmed that it has successfully taken down the Lumma Stealer malware network in collaboration with law enforcement agencies around the world. In a blog post, the company revealed that its Digital Crimes Unit had tracked infections on more than 394,000 Windows devices globally between March 16 and May 16.
Lumma was a go-to tool for cybercriminals, often used to siphon sensitive information like login credentials, credit card numbers, bank account details and cryptocurrency wallet data. The malware’s reach and impact made it a favored choice among threat actors for financial theft and data breaches.
MASSIVE DATA BREACH EXPOSES 184 MILLION PASSWORDS AND LOGINS
To disrupt the malware’s operation, Microsoft obtained a court order from the U.S. District Court for the Northern District of Georgia, which allowed the company to take down key domains that supported Lumma’s infrastructure. This was followed by the U.S. Department of Justice stepping in to seize control of Lumma’s core command system and shut down marketplaces where the malware was being sold.
International cooperation played a major role as well. Japan’s cybercrime unit helped dismantle Lumma’s locally hosted infrastructure, while Europol assisted in actions against hundreds of domains used in the operation. In total, over 1,300 domains were seized or redirected to Microsoft-managed sinkholes to prevent further damage.
Microsoft says this takedown effort also included support from industry partners such as Cloudflare, Bitsight and Lumen, which helped dismantle the broader ecosystem that enabled Lumma to thrive.
HP laptop (Kurt “CyberGuy” Knutsson)
NEW MALWARE EXPLOITS FAKE UPDATES TO STEAL DATA
More about the Lumma infostealer
Lumma is a Malware-as-a-Service (MaaS) that has been marketed and sold through underground forums since at least 2022. Over the years, its developers have released multiple versions to continually improve its capabilities. I first reported on Lumma in February 2024, when it was used by hackers to access Google accounts using expired cookies that contained login information.
Lumma continued targeting users, with reports in October 2024 revealing it was impersonating fake human verification pages to trick Windows users into sharing sensitive information. The malware wasn’t limited to Windows. In January 2024, security researchers found the infostealer malware was targeting 100 million Mac users, stealing browser credentials, cryptocurrency wallets and other personal data.
Windows laptop (Kurt “CyberGuy” Knutsson)
HOW TO REMOVE MALWARE ON A PC (2025)
6 ways you can protect yourself from infostealer malware
To protect yourself from the evolving threat of infostealer malware, which continues to target users through sophisticated social engineering tactics, consider taking these six essential security measures:
1. Be skeptical of CAPTCHA prompts: Legitimate CAPTCHA tests never require you to press Windows + R, copy commands or paste anything into PowerShell. If a website instructs you to do this, it’s likely a scam. Close the page immediately and avoid interacting with it.
2. Don’t click links from unverified emails and use strong antivirus software: Many infostealer attacks start with phishing emails that impersonate trusted services. Always verify the sender before clicking on links. If an email seems urgent or unexpected, go directly to the company’s official website instead of clicking any links inside the email.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
3. Enable two-factor authentication: Enable two-factor authentication (2FA) whenever possible. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your phone, in addition to your password.
4. Keep devices updated: Regularly updating your operating system, browser and security software ensures you have the latest patches against known vulnerabilities. Cybercriminals exploit outdated systems, so enabling automatic updates is a simple but effective way to stay protected.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
5. Monitor your accounts for suspicious activity and change your passwords: If you’ve interacted with a suspicious website, phishing email or fake login page, check your online accounts for any unusual activity. Look for unexpected login attempts, unauthorized password resets or financial transactions that you don’t recognize. If anything seems off, change your passwords immediately and report the activity to the relevant service provider. Also, consider using a password manager to generate and store complex passwords. Get more details about my best expert-reviewed Password Managers of 2025 here.
6. Invest in a personal data removal service: Consider using a service that monitors your personal information and alerts you to potential breaches or unauthorized use of your data. These services can provide early warning signs of identity theft or other malicious activities resulting from infostealer malware or similar attacks. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
Get a free scan to find out if your personal information is already out on the web.
MALWARE STEALS BANK CARDS AND PASSWORDS FROM MILLIONS OF DEVICES
Kurt’s key takeaway
Microsoft’s takedown of the Lumma Stealer malware network is a major win in the fight against infostealers, which have fueled a surge in data breaches over the past year. Lumma had become a go-to tool for cybercriminals, targeting everything from browser credentials to crypto wallets across Windows and Mac systems. I’ve been tracking this malware since early 2024, and its ability to impersonate human verification pages and abuse expired cookies made it especially dangerous.
Do you feel tech companies are doing enough to protect users from malware like this? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover
Follow Kurt on his social channels
Answers to the most asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Wiles says she called Musk on the carpet. “You can’t just lock people out of their offices,” she recalls telling him. At first, Wiles didn’t grasp the effect that slashing USAID programs would have on humanitarian aid. “I didn’t know a lot about the extent of their grant making.” But with immunizations halted in Africa, lives would be lost. Soon she was getting frantic calls from relief agency heads and former government officials with a dire message: Thousands of lives were in the balance.
Wiles continued: “So Marco is on his way to Panama. We call him and say, ‘You’re Senate-confirmed. You’re going to have to be the custodian, essentially, of [USAID].’ ‘Okay,’ he says.” But Musk forged ahead—all throttle, no brake. “Elon’s attitude is you have to get it done fast. If you’re an incrementalist, you just won’t get your rocket to the moon,” Wiles said. “And so with that attitude, you’re going to break some china. But no rational person could think the USAID process was a good one. Nobody.”
NEWYou can now listen to Fox News articles!
OpenAI announced an update for ChatGPT Images that it says drastically improves both the generation speed and instruction-following capability of its image generator.
A blog post from the company Tuesday says the update will make it much easier to make precise edits to AI-generated images. Previous iterations of the program have struggled to follow instructions and often make unasked-for changes.
“The update includes much stronger instruction following, highly precise editing, and up to 4x faster generation speed, making image creation and iteration much more usable,” the company wrote.
“This marks a shift from novelty image generation to practical, high-fidelity visual creation — turning ChatGPT into a fast, flexible creative studio for everyday edits, expressive transformations, and real-world use.”
CHINESE HACKERS WEAPONIZE ANTHROPIC’S AI IN FIRST AUTONOMOUS CYBERATTACK TARGETING GLOBAL ORGANIZATIONS
The OpenAI GPT-5 logo appears on a smartphone screen and as a background on a laptop screen in this photo illustration in Athens, Greece. (Nikolas Kokovlis/NurPhoto via Getty Images)
The announcement comes just weeks after OpenAI CEO Sam Altman declared a “code red” in a memo within his company to improve the quality of ChatGPT.
In the document, Altman said OpenAI has more work to do on enhancing the day-to-day experience of its chatbot, such as allowing it to answer a wider range of questions and improving its speed, reliability and personalization features for users, according to The Wall Street Journal.
The reported company-wide memo from Altman comes as competitors have narrowed OpenAI’s lead in the AI race. Google last month released a new version of its Gemini model that surpassed OpenAI on industry benchmark tests.
GOOGLE CEO CALLS FOR NATIONAL AI REGULATION TO COMPETE WITH CHINA MORE EFFECTIVELY
The OpenAI logo Feb. 16, 2025 (Reuters/Dado Ruvic)
To focus on the “code red” effort to improve ChatGPT, OpenAI will be pushing back work on other initiatives, such as a personal assistant called Pulse, advertising and AI agents for health and shopping, Altman said in the memo, according to the Journal.
Altman also said the company would have a daily call among those responsible for enhancing ChatGPT, the newspaper added.
“Our focus now is to keep making ChatGPT more capable, continue growing, and expand access around the world — while making it feel even more intuitive and personal,” Nick Turley, the head of ChatGPT, wrote on X Monday night.
OpenAI CEO Sam Altman speaks during the Federal Reserve’s Integrated Review of the Capital Framework for Large Banks Conference in Washington, D.C., July 22, 2025. (Reuters/Ken Cedeno)
OpenAI currently isn’t profitable and has to raise funding to survive compared to competitors like Google, which can fund investments in their AI ventures through revenue, the Journal reported.
I never felt done with my Animal Crossing: New Horizons island. Despite playing every day for two years, and racking up 1,700 hours of playtime, I somehow never finished decorating. I had plenty of ideas for my island, sure, but actually implementing them was another story: The decorating and terraforming systems that helped make New Horizons a huge success are also slow, manual, and cumbersome, and my patience for decorating and redecorating had finally worn thin.
Fast-forward a few years, and a very much unexpected update is coming to finally fix some of those pain points. Update 3.0 is launching on January 15th, 2026, alongside the Switch 2 Edition of New Horizons. And while the paid Switch 2 upgrade has some nice-to-haves (like Joy-Con 2 mouse controls for indoor decorating), it’s the free update that brings all the key new features.
I recently attended a virtual preview for the New Horizons upgrade and update, and there are two caveats: I have not yet played either the Switch 2 version or the new free content myself, and it’s hard to gauge the quality of the Switch 2 version’s visual and performance improvements over a Zoom call. (I still have some unanswered questions about the biggest performance issues on the original Switch, like the choppy frame rate on more densely decorated islands.) But seeing the 3.0 additions in action, it was easy to imagine myself finishing my island — or at least an island.
As shown in the October announcement trailer, update 3.0 makes much-needed quality-of-life fixes. You’ll finally be able to craft multiple items at once, and crafting will pull materials from your overall storage instead of your pockets, meaning you won’t have to do a bunch of inventory management just to craft some decor. Then there’s Resetti’s Reset Service, which can help you clean up entire sections of your island instantly so you don’t have to pick everything up individually in order to redecorate. Some players also noticed a very subtle but potentially impactful change to movement while terraforming that should hopefully make it a smoother process. And then, as if to show off those decorating improvements, Nintendo also added Slumber Islands.
Not to be confused with dreams, New Horizons’ online island-sharing feature, Slumber Islands are extra sandboxes for you to decorate and play with, where you can set the time of day and the weather and magically conjure up any item you have in your in-game catalog to decorate with, similar to the Happy Home Paradise DLC. You can build bridges and inclines instantly by talking to Lloid, rather than going through Tom Nook and waiting (or time traveling) a day. And while it seems like terraforming works the same on Slumber Islands, the apparent addition of strafing while terraforming — instead of having to constantly reorient yourself manually — should help at least a little bit. (It’s the first thing I’m going to test on January 15th, that’s for sure.)
For me, the worst part of decorating in New Horizons was having an idea, ordering all the furniture I’d need for it over the course of days, testing out the design, realizing it did not look the way I envisioned, and facing the tedious process of breaking it all down and starting over again brick by brick — or, at the very least, having to push and pull objects around for a while to see if I could make it work. The design process I saw on Nintendo’s Slumber Island during the preview, meanwhile, seemed quicker and smoother. Trying out an idea or aesthetic in that environment doesn’t sound like such a tall order.
Without any hands-on time, I can’t say if it will actually be noticeably easier to design and decorate with the 3.0 update. But I’m excited by the idea that I can go to my Slumber Island scratch pad and try out my designs before committing to them (and the cost in bells to get it all done) on my main island. And maybe, if I really like how it feels to decorate, I’ll make an entire Halloween-themed Slumber Island — the kind of island I’ve wanted to make for years but never did on my main island, where the seasons continue to change and actively ruin the vibe.
Rare great white shark encounter off Maine coast captured in heart-stopping National Geographic photo
Detroit family’s home damaged, Christmas gifts lost after fire spreads from vacant house
Beloved 11-Year-Old Bay Area Italian Restaurant Is Closing Its Doors For Good
Utah hosts Los Angeles after overtime win against Dallas
Miami takes on Brooklyn, seeks to end 5-game skid
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
Video: Prosecutors Charge Nick Reiner With Murdering His Parents
HHS probes Minnesota’s use of billions in federal social service funds amid fraud concerns: report
Thousands of dinosaur footprints discovered on rock faces in northern Italy
Nick Reiner will be charged with first degree murder in his parents’ killing
DA: Nick Reiner will be charged with first-degree murder in deaths of Rob & Michele Reiner
-
Iowa2 days agoAddy Brown motivated to step up in Audi Crooks’ absence vs. UNI
-
Washington1 week agoLIVE UPDATES: Mudslide, road closures across Western Washington
-
Iowa1 week agoMatt Campbell reportedly bringing longtime Iowa State staffer to Penn State as 1st hire
-
Iowa4 days agoHow much snow did Iowa get? See Iowa’s latest snowfall totals
-
Cleveland, OH1 week agoMan shot, killed at downtown Cleveland nightclub: EMS
-
World1 week ago
Chiefs’ offensive line woes deepen as Wanya Morris exits with knee injury against Texans
-
Maine17 hours agoElementary-aged student killed in school bus crash in southern Maine
-
Technology6 days agoThe Game Awards are losing their luster
