Articles

Microsoft Takes Legal Action Against Lumma Stealer Malware Infecting 400,000 Devices

Microsoft has filed a legal action to disrupt the operations of Lumma Stealer, a widely used information-stealing malware (infostealer) that has infected nearly 400,000 Windows computers worldwide over the past two months, the company said Wednesday.

The action was led by Microsoft’s Digital Crimes Unit (DCU) and involved a court order from the U.S. District Court for the Northern District of Georgia, enabling the takedown, suspension, and blocking of malicious domains that formed the malware’s core infrastructure.

“The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscore the need for layered defenses and industry collaboration,” Microsoft said in a blog post.

Malware Capabilities

Lumma Stealer targets a wide range of sensitive user data:

  • Extracts information from web browsers, including saved passwords

  • Harvests credentials from cryptocurrency wallets

  • Installs additional malware on compromised systems

It is sold as malware-as-a-service (MaaS): the operators rent the stealer and its infrastructure to third-party affiliates, who then run their own campaigns for data theft and system compromise.

Federal Action and Domain Seizures

In parallel to Microsoft’s civil action:

  • The U.S. Department of Justice announced the seizure of five internet domains tied to the LummaC2 malware infrastructure

  • The FBI’s Dallas Field Office is leading the ongoing criminal investigation

These efforts aim to disrupt the malware’s operations and prevent further infections globally.

Broader Implications

The Lumma Stealer case highlights growing concerns over modular, stealthy malware strains designed to:

  • Evade detection

  • Monetize stolen data

  • Enable subsequent attacks

Microsoft emphasized the need for:

  • Layered cybersecurity defenses

  • Cross-industry cooperation

  • Judicial interventions to combat evolving digital threats

This case adds to a growing list of Microsoft-led legal and technical takedowns aimed at dismantling global cybercrime infrastructure, including recent actions against Storm botnets and ransomware operators.

Bell Canada Restores Internet Service After Two-Hour Outage in Quebec and Ontario

Bell Canada announced on Wednesday that it has fully restored internet services after a faulty software update caused a two-hour outage affecting tens of thousands of users in Quebec and Ontario.

The disruption, which began around 9:00 a.m. ET, peaked with more than 130,000 disruption reports, according to real-time outage tracker Downdetector.com. Bell confirmed that service had been completely restored by 11:00 a.m. ET.

“We want to assure our customers and partners that this was a technical issue and we have ruled out a cybersecurity incident as the root cause,” Bell said in an emailed statement.

Cause and Response

The outage stemmed from a software update that affected some of Bell’s router infrastructure. The company responded by rolling back the update, which resolved the issue.

Bell, a unit of BCE Inc., said its network teams are conducting a full review to prevent future disruptions.

Customer Impact and Instructions

Bell serves approximately 4.4 million high-speed internet subscribers, as noted in its latest quarterly report. The full scale of the outage remains unclear, but many users in eastern Canada reported service disruptions throughout the morning.

In a notice on its Facebook page, Bell advised customers still experiencing issues to reboot their modem.

Unexplained Electronic Components Found in Denmark’s Energy Equipment Imports, Investigation Underway

Unidentified electronic components have been discovered in imported energy infrastructure equipment in Denmark, raising concerns over potential security vulnerabilities in the country’s critical power systems, according to industry group Green Power Denmark.

The components were found during a routine inspection of printed circuit boards intended for use in Denmark’s energy supply network. The discovery has prompted an internal investigation to assess the nature and intent behind the components’ inclusion.

“We don’t know how critical it is or whether there are bad intentions behind it,” said Jorgen Christensen, technical director at Green Power Denmark, in a statement to Reuters. “But these components should not be present in infrastructure equipment.”

Christensen did not disclose the origin of the equipment, the specific technology it was intended for (such as solar power systems), or which parties are conducting the investigation.

The Danish Ministry for Preparedness and Resilience declined to comment on the situation, and no responses were received from the Justice Ministry, Energy Ministry, or national intelligence services regarding whether a formal government-led inquiry had been initiated.

The incident comes at a time of heightened international attention on supply chain risks and cybersecurity threats to critical infrastructure, including power grids and renewable energy assets.

“This is highly concerning. It is important that an investigation is underway,” said Walburga Hemetsberger, CEO of SolarPower Europe, who emphasized the broader implications for the continent’s energy security.

Christensen noted that while the components could have been included for benign reasons — such as being part of a multi-purpose circuit board design — their unexplained presence in systems designated for energy infrastructure is unacceptable.

“It’s possible the supplier had no malicious intent. We can’t say at this point, but that doesn’t change the fact that these components shouldn’t be there,” he said.

The development follows a separate report by Reuters last week, which revealed that U.S. energy officials had found unauthorized communication devices in Chinese-made solar inverters and batteries, capable of bypassing cybersecurity firewalls and threatening grid stability.

The Danish case, first reported by local media outlet Berlingske, adds to growing scrutiny of imported technologies used in national infrastructure projects, particularly those of undisclosed or politically sensitive origin.