DOJ Targets Crypto-Theft Network With Seizure of Data-Stealing Domains

CN

The U.S. Department of Justice (DOJ) announced on May 21 that it has seized five domains linked to the distribution and operation of LummaC2, a widely used information-stealing malware, as part of an effort to disrupt cybercrime targeting sensitive online data, including cryptocurrency credentials. According to court filings, LummaC2 was offered as a malware-as-a-service tool that enabled cybercriminals to steal login credentials, browser-stored information, and other personal data. The seizures, which took place on May 19 and 20, dismantled infrastructure that facilitated access to stolen data and deployment of the malware.

The malware was used to extract a range of personal information, including crypto-related access credentials. Matthew R. Galeotti, head of the DOJ’s Criminal Division, explained:

“Malware like LummaC2 is deployed to steal sensitive information such as user login credentials from millions of victims in order to facilitate a host of crimes, including fraudulent bank transfers and cryptocurrency theft.”

The court affidavit supporting the domain seizure described the specific kinds of data targeted, stating: “Common targets for cybercriminals using malware like LummaC2 include browser data, autofill information, login credentials for accessing email and banking services, as well as cryptocurrency seed phrases, which permit access to virtual currency wallets.” The FBI identified at least 1.7 million instances of the malware being used to harvest such data.

In parallel with the DOJ’s domain seizure, Microsoft launched a civil action to disrupt an additional 2,300 domains allegedly connected to LummaC2 operators or their affiliates. The domains seized by the DOJ functioned as “user panels,” where LummaC2 users could manage infections and stolen data. Visitors to these sites now see a federal seizure notice. The DOJ also highlighted the State Department’s Rewards for Justice program, which offers up to $10 million for information on foreign state-linked cyber activity that targets U.S. critical infrastructure, including incidents that may involve crypto-related threats.
