Azure Firewall Premium has included protections against Lumma Stealer since 2022, with over 2,700 intrusion detection and prevention (IDPS) signatures specifically designed to identify and block Lumma-related activity. Backed by Microsoft's global threat intelligence, our firewall telemetry confirms that Azure Firewall is actively intercepting and stopping hundreds of Lumma-related attacks targeting Windows systems around the world.
With Azure Firewall, organizations benefit from continuous protection against emerging threats, powered by real-time updates and insights from one of the world's largest security networks.
About Lumma Stealer
Lumma Stealer is a sophisticated, widely used information-stealing malware designed to harvest sensitive data such as login credentials, financial details, and cryptocurrency wallets. Initially appearing in Russian cybercrime forums around 2022, its popularity surged due to its effectiveness, particularly as other infostealers like Redline declined. In 2025 alone, it compromised over 394,000 Windows computers globally, significantly impacting both individuals and organizations by facilitating large-scale data theft and financial fraud.
In response, the Microsoft cybersecurity team spearheaded a coordinated international operation involving legal actions and infrastructure disruptions, successfully seizing about 2,300 domains tied to Lumma Stealer. More information on our actions is published in a detailed threat intelligence blog post.
Azure Firewall Premium response to threats
Azure Firewall Premium supports automatic updates of the latest, accurate rulesets for detecting and blocking advanced and emerging threats. Updated daily, Azure Firewall covers more than 40 different categories, including malware command and control, credential phishing, DDoS, botnets, network anomalies, exploits, vulnerabilities, SCADA exploit kit activity, and much more.
Azure Firewall supports over 72,000 rules, with 30 to 50+ new rules released daily. Customers have visibility via the portal to review the signatures. Despite the dynamic nature of the signatures, Azure Firewall coverage is both accurate and low on false positives, with fewer than 5 false positives reported by customers since launch.
Lumma mitigations
The Azure Firewall Lumma malware signatures are covered under the active signature set. Since its detection back in 2023, Azure Firewall has been updating its active signature set. We now have more than 2,700 Lumma signatures associated with various domains.
Screenshot showing active Lumma signatures released in 2023.
Screenshot showing active Lumma signatures released recently, in May 2025.
Fleet telemetry
Azure Firewall fleet monitoring has detected hundreds of instances of Lumma Stealer attempts successfully blocked by the firewall. The telemetry below confirms the effectiveness of our layered defense strategy and reinforces the strength of our offering.
Screenshot showing the IDPS hits for Lumma malware over the past 90 days.
Conclusion
Azure Firewall Premium has proven to be a robust and effective defense mechanism against the Lumma Stealer malware. With its extensive rule set and proactive updates, Azure Firewall Premium has successfully blocked hundreds of Lumma Stealer attempts, safeguarding Windows systems globally.
The coordinated efforts of the Microsoft cybersecurity team and the continuous enhancements to Azure Firewall Premium capabilities underscore our commitment to providing top-tier security solutions. As cyber threats evolve, Azure Firewall Premium remains a critical component in our defense strategy, ensuring the protection of sensitive data and maintaining the integrity of our digital infrastructure. As a best practice, we recommend deploying Azure Firewall Premium to boost your network security and secure your Azure digital infrastructure.