Microsoft said on Wednesday its Digital Crimes Unit (DCU) filed a legal action against Lumma Stealer last week, after it found nearly 400,000 Windows computers globally infected by the information-stealing malware in the past two months.
Lumma is capable of stealing data from various browsers and applications, such as cryptocurrency wallets, and installing other malware, the company said in a blog.
Microsoft’s DCU helped in the “takedown, suspension, and blocking of malicious domains that formed the backbone of Lumma’s infrastructure,” via a court order from the U.S. District Court of the Northern District of Georgia, the blog said.
The U.S. Department of Justice said on Wednesday it has seized five internet domains used by malicious cyber actors to operate the LummaC2 information-stealing malware service. The FBI’s Dallas Field Office is investigating the case.
“The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscores the need for layered defenses and industry collaboration to counter threats,” Microsoft said in a separate blog post on the malware.
