
Image by Matthew Manuel, from Unsplash
Microsoft Files Lawsuit After Nearly 400K PCs Hit by Data-Stealing Malware
Microsoft has shut down a major cybercrime operation after finding 394,000 Windows computers infected with the Lumma Stealer malware worldwide.
In a rush? Here are the quick facts:
- Lumma malware infected nearly 400,000 Windows PCs between March and May 2025.
- Hackers stole passwords, banking data, and crypto wallets using Lumma Stealer.
- Microsoft seized 1,300+ malicious domains; Europol helped with 300 more.
Microsoft has taken legal action to shut down a widespread malware campaign that infected nearly 400,000 Windows computers across the world, as reported by Reuters. The cybercriminals employed Lumma Stealer malware to steal passwords, credit card numbers, bank account information, and cryptocurrency wallet details.
Microsoft's Digital Crimes Unit (DCU) led the operation, working with international law enforcement agencies. The cybercriminals used the malware to steal data on a massive scale between March 16 and May 16, 2025.
“Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims,” Microsoft said. Microsoft also announced that it had taken control of more than 1,300 malicious domains through seizure or redirection, while Europol helped seize or redirect 300 domains.
Microsoft received a court order from the U.S. District Court in Georgia, allowing it to take down web domains supporting Lumma’s network. The U.S. Department of Justice later seized Lumma’s “central command structure” and took down marketplaces selling the malware, as reported by CNBC.
According to Reuters, the FBI’s Dallas Field Office currently leads the investigation. Microsoft stated that Lumma Stealer has been available for purchase on dark web forums since 2022 and that its developers continuously updated the malware to evade detection.
Reuters reports that in a separate blog post, Microsoft said, “The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscore the need for layered defenses and industry collaboration to counter threats.”
The cybercriminals used fake Booking.com branding to deceive users into downloading Lumma malware. The malware targeted various sectors, including gaming communities, schools, healthcare organizations, manufacturing facilities, and logistics operations.