We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Behavior:Win32/LummaStealer.CBRA
Aliases: No associated aliases
Summary
Behavior:Win32/LummaStealer.A!MTB is a detection for an information stealer malware that is used to collect device and browser information on a compromised device, credit card information, and cryptocurrency wallets. Lumma has reportedly been sold on underground forums since 2022 as a malware-as-a-service (MaaS), with multiple versions being released by the developers in an attempt to improve its capabilities.
Microsoft Defender Antivirus automatically removes threats as they are detected. However, many infections can leave remnant files and system changes. Updating your antimalware definitions and running a full scan might help address these remnant artifacts.
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.
