Cybersecurity teams and government officials have taken down the main online tools behind LummaC2, a malware used to steal sensitive information like crypto wallet seed phrases and login details, according to a May 21 announcement from the US Department of Justice (DOJ).
The operation involved agencies from several countries, including the DOJ, Europol, Japan’s Cybercrime Control Center, and support from Microsoft and private security companies.
The first takedown happened on May 19, when the two main LummaC2 websites were removed. The group behind LummaC2 tried to register three new websites, but those were shut down the following day.
Did you know?
Subscribe – We publish new crypto explainer videos every week!
ICO vs IDO vs IEO: Which One’s the Best? (Easily Explained)
According to the DOJ, LummaC2 is designed to collect passwords and other private data from victims, which is then used to commit crimes like draining bank accounts and stealing crypto assets. DOJ Criminal Division chief Matthew R. Galeotti stated that malware like LummaC2 supports a wide range of digital fraud.
Meanwhile, on May 21, Microsoft revealed that its systems had recorded over 394,000 LummaC2 infections on Windows computers between March and May 2025. The company also took independent legal action to shut down more than 2,300 domains linked to the malware.
LummaC2 first appeared around 2022 and is controlled by a Russian developer under the name “Shamel”. They promote Lumma on Telegram and other forums by offering paid versions that let buyers customize how the malware spreads and what data it collects.
One known attack involved fake emails pretending to be from Booking.com. Victims were tricked into giving up their banking information, which was then used to empty their accounts.
On May 13, the messaging platform Telegram shut down Haowang Guarantee, previously known as Huione Guarantee. What prompted the takedown? Read the full story.
Having completed a Master’s degree in Economics, Politics, and Cultures of the East Asia region, Aaron has written scientific papers analyzing the differences between Western and Collective forms of capitalism in the post-World War II era.
With close to a decade of experience in the FinTech industry, Aaron understands all of the biggest issues and struggles that crypto enthusiasts face. He’s a passionate analyst who is concerned with data-driven and fact-based content, as well as that which speaks to both Web3 natives and industry newcomers.
Aaron is the go-to person for everything and anything related to digital currencies. With a huge passion for blockchain & Web3 education, Aaron strives to transform the space as we know it, and make it more approachable to complete beginners.
Aaron has been quoted by multiple established outlets, and is a published author himself. Even during his free time, he enjoys researching the market trends, and looking for the next supernova.
