Microsoft Threat Intelligence Podcast
Inside Microsoft’s Global Operation to Disrupt Lumma Stealer’s 2,300-Domain Malware Network
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Richard Boscovich and Derek Richardson from Microsoft’s Digital Crimes Unit to unpack the global takedown of Lumma Stealer, one of the world’s largest infostealer malware operations. They discuss how creative legal tools like RICO and centuries-old trespass laws, deep collaboration with global partners, and innovative technical strategies came together to seize 2,300 domains and protect nearly 400,000 victims. The episode explores how the DCU is shifting toward persistent, cost-imposing disruption of cybercrime as a service, and what this means for defenders everywhere.
In this episode you’ll learn:
-
How Microsoft took down one of the world’s largest infostealer malware operations
-
The global partnerships with Europol, Japan, and private companies in cyber takedowns
-
What happens to stolen victim data during a takedown operation
Some questions we ask:
-
How did you first identify Lumma as a high-priority threat?
-
Is persistent disruption now the new normal for DCU operations?
-
Do you see more operations like this coming from DCU in the future?
Resources:
View Richard Boscovich on LinkedIn
View Sherrod DeGrippo on LinkedIn
Disrupting Lumma Stealer: Microsoft Leads Global Action Against Favored Cybercrime Tool
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.