Microsoft says it squashed malware that infected 394,000 Windows computers
Microsoft said on Wednesday, May 21 its Digital Crimes Unit partnered with law enforcement and cybersecurity agencies to disrupt an information-stealing malware that infected hundreds of thousands of Windows computers in the last two months.
The unit filed a legal action against Lumma Stealer last week after it found 394,000 Windows computers globally infected with the malware between March 16 and May 16, Windows said in a statement on its blog, calling it a "favored" malware used by criminals to steal passwords, credit cards, bank accounts and cryptocurrency wallets.
"Typically, the goal of Lumma operators is to monetize stolen information or conduct further exploitation for various purposes," Microsoft said. "Lumma is easy to distribute, difficult to detect, and can be programmed to bypass certain security defenses, making it a go-to tool for cybercriminals and online threat actors."
Cybersecurity: FBI says these 13 old internet routers are vulnerable to attacks. Is yours on the list?
The investigative unit helped in the "takedown, suspension, and blocking of malicious domains that formed the backbone of Lumma's infrastructure," after it was granted a court order by the U.S. District Court of the Northern District of Georgia, the blog said.
The U.S. Department of Justice assisted, Microsoft said, taking control of Lumma's central command structure and disrupting the marketplaces where the tool was sold. Europol's European Cybercrime Center and Japan's Cybercrime Control Center also aided in dismantling Lumma infrastructure, which has "severed communications between the malicious tool and victims," according to the blog post.
The Department of Justice said on Wednesday it seized five internet domains used by malicious cyber actors to operate the Lumma malware service. The FBI's Dallas Field Office is investigating the case, according to Reuters.
"The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscores the need for layered defenses and industry collaboration to counter threats," Microsoft said in a separate blog post on the malware.
Contributing: Reuters.
Kathryn Palmer is a national trending news reporter for USA TODAY. You can reach her at kapalmer@usatoday.com and on X @KathrynPlmr.
This article originally appeared on USA TODAY: Microsoft squashes malware infecting 394,000 Windows computers

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


CBS News
33 minutes ago
- CBS News
FBI assisting in investigation of two bodies found at Michigan's Isle Royale National Park
The FBI confirmed that it is assisting in an investigation after the bodies of two unidentified campers were found on Monday at Michigan's Isle Royale National Park. Federal investigators say they routinely assist in investigations if requested, but this does not mean they will open an investigation. "FBI policy prohibits the confirmation of the existence of investigations, the release of information on investigations and any public report on the closing on an investigation," the agency said in a statement. Authorities say that at about 4 p.m. on June 8, two park rangers responded to reports of two people dead at a remote campground within the park. After hiking 11 miles to the campground, the rangers found the two people on Monday. Additional ground and aviation resources responded to the scene. The cause of death is unknown.
Yahoo
37 minutes ago
- Yahoo
Mom of 3-year-old Nola Dinkins, who was subject of Amber Alert, charged with lying to police
The mother of a 3-year-old girl whom police say falsely reported that her daughter was abducted has been charged with lying to police following an "intensive" nightlong investigation that involved multiple police agencies, including the FBI. Darrian Randle, 31, was charged with one felony count of false reporting for calling New Castle County Police on the evening of June 10 to say her daughter, Nola Dinkins, was abducted at gunpoint in the 500 block of Gender Road in Ogletown. Police now believe Dinkins to be dead, with Maryland State Police saying just before 4:30 p.m. on June 11 that a body had been found in Cecil County. The agency said investigators are "waiting on positive identification." BACKGROUND: Bill to limit Delaware police cooperation with feds on immigration released from House committee Randle told police that she was driving and Dinkins was upset, so she stopped the car to calm the girl down about 7:15 p.m. She claimed that's when the little girl was taken. Police said at a brief news conference on June 11 that the story was a lie. 'The Amber Alert is now canceled and there's no danger to the public,' said New Castle County Police Sgt. Andrea Botterbusch. 'Sadly, this incident is now being treated as a homicide investigation.' Elena Russo, a spokesperson for the Maryland State Police, confirmed they are leading the investigation. She said police believe the child lived in Cecil County, Maryland. Little information about Randle was immediately known. A largely private Facebook profile showcased two photos that appeared to be of Dinkins when she was a baby. Court records from Indiana, where public records show Randle lived for many years, show a paternity case with Dinkins' father was resolved in March of this year. Randle had filed a notice of relocation in January. The case ultimately went to mediation and was resolved, court records show. When reached by Delaware Online/The News Journal via phone on June 11, Dinkins' paternal grandmother directed a reporter to a family spokesperson. That woman, who did not give her name, said the family did not have "anything to share at this moment." This is a developing story. Return to for updates. This article originally appeared on Delaware News Journal: Mom of girl who was subject of Amber Alert charged with lying to police
Yahoo
40 minutes ago
- Yahoo
Microsoft Debuts ROG Xbox Ally Handhelds, Marking Entry into Portable Gaming
Microsoft Corporation (NASDAQ:MSFT) is one of the best Dow stocks to invest in. The company is entering the handheld gaming market for the first time with the upcoming launch of the ROG Xbox Ally devices. Created in partnership with ASUS, these handhelds are designed to deliver a full Xbox gaming experience in a portable format. Users will be able to play Xbox titles, stream content, and use cloud gaming features while on the move. A development team working together to create the next version of Windows. Microsoft Corporation (NASDAQ:MSFT) made the following comment: 'Players can look forward to an approachable gaming experience that travels with you wherever you go, featuring several new and first-of-their kind features on both devices,' The announcement comes shortly after Nintendo revealed its Switch 2, signaling a new phase in the competition for portable gaming dominance. Microsoft Corporation (NASDAQ:MSFT) described this move as part of its broader strategic vision. A Microsoft spokesperson made the following statement in an email to CNBC: "Everything we do starts with the player. We're continuously pushing ourselves to innovate and bring new product offerings and choice to players." While we acknowledge the potential of MSFT as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: and Disclosure. None.