Just weeks after a global crackdown that took down 2,300 domains, the notorious Lumma infostealer malware has made a strong comeback. Despite law enforcement action, Lumma’s operators swiftly rebuilt their Malware-as-a-Service (MaaS) platform using Russian servers and new tactics.Trend Micro reports Lumma is spreading via fake software cracks, GitHub repositories, phony CAPTCHA pop-ups, and social media links. The operation shows how resilient modern cybercrime has become, raising concerns over the long-term impact of domain takedowns.📌 Key Highlights:2,300 domains seized in May — Lumma Stealer resurfaces in JuneNow using Russian hosting to avoid takedownsTactics include fake keygens, GitHub cheats, CAPTCHA traps, and YouTube scamsNo arrests or charges despite international operationsMalware-as-a-Service model remains active and dangerous#LummaStealer #CybercrimeNews #Malware2025 #MaaS #TrendMicro #HackingNews #CyberPlatter
