Microsoft says it squashed malware that infected 394,000 Windows computers
Microsoft says it squashed malware that infected 394,000 Windows computers
Show Caption
Hide Caption
Microsoft's AI language interpreter could be boon for cybercriminals
A new AI language interpreter unveiled by Microsoft is sparking concern among cybersecurity experts.
Straight Arrow News
Microsoft said on Wednesday, May 21 its Digital Crimes Unit partnered with law enforcement and cybersecurity agencies to disrupt an information-stealing malware that infected hundreds of thousands of Windows computers in the last two months.
The unit filed a legal action against Lumma Stealer last week after it found 394,000 Windows computers globally infected with the malware between March 16 and May 16, Windows said in a statement on its blog, calling it a "favored" malware used by criminals to steal passwords, credit cards, bank accounts and cryptocurrency wallets.
"Typically, the goal of Lumma operators is to monetize stolen information or conduct further exploitation for various purposes," Microsoft said. "Lumma is easy to distribute, difficult to detect, and can be programmed to bypass certain security defenses, making it a go-to tool for cybercriminals and online threat actors."
Cybersecurity: FBI says these 13 old internet routers are vulnerable to attacks. Is yours on the list?
The investigative unit helped in the "takedown, suspension, and blocking of malicious domains that formed the backbone of Lumma's infrastructure," after it was granted a court order by the U.S. District Court of the Northern District of Georgia, the blog said.
The U.S. Department of Justice assisted, Microsoft said, taking control of Lumma's central command structure and disrupting the marketplaces where the tool was sold. Europol's European Cybercrime Center and Japan's Cybercrime Control Center also aided in dismantling Lumma infrastructure, which has "severed communications between the malicious tool and victims," according to the blog post.
The Department of Justice said on Wednesday it seized five internet domains used by malicious cyber actors to operate the Lumma malware service. The FBI's Dallas Field Office is investigating the case, according to Reuters.
"The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscores the need for layered defenses and industry collaboration to counter threats," Microsoft said in a separate blog post on the malware.
Contributing: Reuters.
Kathryn Palmer is a national trending news reporter for USA TODAY. You can reach her at kapalmer@usatoday.com and on X @KathrynPlmr.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Yahoo
15 minutes ago
- Yahoo
Wayve and Uber plan London robotaxi launch after UK speeds up autonomous vehicle rollout
U.K.-based autonomous vehicle technology company Wayve and Uber plan to launch a fully driverless robotaxi service in London in the coming years. The news comes soon after the U.K.'s announcement of an accelerated framework for self-driving commercial pilots. U.K. Transport Secretary Heidi Alexander confirmed Tuesday that the U.K. government would fast-track pilots to spring 2026, up from late 2027, to incentivize investment in autonomy in the country. Wayve and Uber did not share many details of their upcoming launch, such as when exactly the companies would begin trials and service, with how many vehicles, or via which vehicle manufacturer partner or partners. Wayve said in April that its tech would be headed to Nissan vehicles. The announcement follows Uber's strategic investment into Wayve in 2024 that promised to see the startup's AI integrated into consumer vehicles that will one day operate on Uber's platform. A Wayve spokesperson told TechCrunch the companies would start in the U.K. capital and scale out to greater London and beyond from there. First, every company involved in launching a robotaxi service would need to prove relevant safety cases to regulators. 'We have a partner ecosystem for bringing a service to market,' Sarah Gates, Wayve's director of public policy, told TechCrunch. 'Wayve provides driving intelligence integrated into a base vehicle provided by a vehicle manufacturer, and then we would have a fleet operator, and Uber would operate the service. So each part of that supply chain would need to prove safety and responsible deployment for what they're responsible for.' In Wayve's case, the company needs to prove the safety of the system and how it drives within its operational design domain. Uber would have separate commitments around operating a passenger service responsibly and having things like customer service in place. 'This is a defining moment for U.K. autonomy,' Alex Kendall, Wayve's CEO and co-founder, said in a statement. 'With Uber and our global OEM partner, we're preparing to put our AI Driver technology into real service on the streets of London, delivering on our AV2.0 vision for scalable autonomy. Our Embodied AI learns to drive anywhere, in any vehicle, and this trial brings us closer to bringing safe and intelligent driving to everyday rides across the UK and beyond.' Wayve recently published a blog detailing the initial findings from its 'AI-500 Roadshow,' a project to visit 500 cities using a single AI model by the end of 2025. So far, the startup has hit 90 cities in 90 days, spanning Asia, Europe, and North America. The demonstration is designed to prove that Wayve's technology can operate anywhere it's placed, rather than relying first on mapping a region. That's relevant data to a company like Uber, which operates globally and has been doing deals with almost every AV company to scale its autonomous capabilities fast. 'Uber has got one of the largest mobility networks globally, so the fact that our AI can serve as their global network is a big reason why this partnership and this [driverless] trialing is so important,' Tilly Pielichaty, a Wayve spokesperson, told TechCrunch. 'We are starting in the U.K., but the ambition is to take it everywhere.' Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
The Verge
19 minutes ago
- The Verge
Meta is reportedly making a $15 billion bet on AGI
Meta is close to finalizing an almost $15 billion investment in Scale AI, the tech giant's largest-ever external investment, which would give Meta a 49% stake in the company, according to The Information. As part of the deal, Meta CEO Mark Zuckerberg is personally assembling a team of about 50 people to help Meta supercharge its AI goals — specifically, to achieve artificial general intelligence — and Scale AI CEO Alexandr Wang is set to join that group once the deal is final, according to Bloomberg and The New York Times. AGI is the concept of AI that equals or surpasses human cognitive abilities, and it's something that nearly every AI industry leader is currently racing to achieve before their competitors. Bloomberg was first to report on the planned multibillion-dollar investment. Scale, the AI giant that provides training data to industry leaders like OpenAI, Google, Microsoft, and Meta, in April reportedly expected that its 2025 revenue would more than double year-over-year to about $2 billion. It's also currently planning a tender offer for employees and early investors at a $25 billion valuation. Meta has been concerned about falling behind in the AI race as competitors like OpenAI, Anthropic, Google, and Microsoft pull ahead. In May, Meta delayed the launch of its new flagship model, dubbed Behemoth, amid concerns about its capabilities compared to competing models, The Wall Street Journal reported. The company's investment in Scale AI is likely a bid to catch up as competing tech giants each choose one or more AI startups to back for greater chances of AI success, whether internally or externally. Amazon has invested at least $8 billion in Anthropic, the AI startup founded by ex-OpenAI research executives, and Anthropic's tech now powers Amazon's Alexa Plus. Google has given at least $3 billion to Anthropic, and the two companies share a significant cloud contract. Microsoft has famously invested at least $13 billion in OpenAI and currently gets a share of the company's revenue. Besides its forthcoming deal with Meta, Scale has spent the last few months leaning hard into deals with governments across the world, like a five-year deal with Qatar to provide automation tools for civil service, healthcare, and more. The company has said its work with countries in Asia and Europe could account for a big piece of sales coming up. And in March, Scale signed a multimillion-dollar deal with the Department of Defense for a flagship AI agent program for the U.S. military.
Yahoo
19 minutes ago
- Yahoo
Passenger calls in a bomb threat to Spirit Airlines after he missed his flight
A Michigan man has been arrested for allegedly calling in a fake bomb threat on a flight that he missed. On Thursday, John Charles Robinson, 23, of Michigan, was supposed to depart from the Detroit Metropolitan Airport en route to Los Angeles. He missed his flight with Spirit Airlines and was told he would have to rebook if he wanted to travel, ABC News reports. According to U.S. Attorney Jerome Gorgon, Jr, Robinson then "used a cell phone to call into Spirit Airlines and conveyed false information about a bomb threat to Flight 2145 departing from Detroit Metro bound for Los Angeles." 'During the call, Robinson stated in part, 'I was calling about 2145… because I have information about that flight,' and 'there's gonna be someone who's gonna try to blow up the airport,' and 'there's gonna be someone that's gonna try to blow up that flight, 2145,'' the affidavit says. Robinson allegedly provided the operator with a description of the imaginary bomber, and told them that "they're going to be carrying a bomb through the TSA" and "they're still threatening to do it, they're still attempted to do it, they said it's not going to be able to be detected. Please don't let that flight board." Spirit Airlines responded by immediately cancelling the flight and deplaning the crew and passengers for safety reasons. According to an airline official, bomb sniffing dogs and FBI agents were deployed to sweep the plane, but no explosives were found. During their investigation, FBI agents learned that Robinson had actually been booked on Flight 2145 but had missed boarding. When Robinson returned to the airport to fly out to Los Angeles, FBI agents took him into custody and played a recording of his alleged bomb threat back to him. "Robinson listened to the above-mentioned recording and confirmed he was the one that made the recorded phone call to Spirit Airlines," officials said. "Robinson also stated that the phone number that called the bomb threat in to Spirit Airlines was his phone number (and had been for approximately 6 years), that the target cellular device was his device, and he gave written consent for a search of his device." Robinson has been charged with using a cellphone to threaten or malicious convey false information concerning an attempt or alleged attempt to damage or destroy an airplane by means of an explosive, and the second is for spreading false information and hoaxes. 'No American wants to hear the words 'bomb' and 'airplane' in the same sentence. Making this kind of threat undermines our collective sense of security and wastes valuable law enforcement resources,' Gorgon said. Robinson's first court appearance was on Friday afternoon, at which time he was released on a $10,000 bond. His next appearance is scheduled for June 27 for a preliminary examination.
