Microsoft Files Lawsuit After Nearly 400K PCs Hit by Data-Stealing Malware - 1

Image by Matthew Manuel, from Unsplash

Microsoft Files Lawsuit After Nearly 400K PCs Hit by Data-Stealing Malware

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Microsoft has shut down a major cybercrime operation after finding 394,000 Windows computers infected with the Lumma Stealer malware worldwide.

In a rush? Here are the quick facts:

  • Lumma malware infected nearly 400,000 Windows PCs between March and May 2025.
  • Hackers stole passwords, banking data, and crypto wallets using Lumma Stealer.
  • Microsoft seized 1,300+ malicious domains; Europol helped with 300 more.

Microsoft has taken legal action to shut down a widespread malware campaign that infected nearly 400,000 Windows computers across the world, as reported by Reuters . The cybercriminals employed Lumma Stealer malware to steal passwords, credit card numbers, bank account information, and cryptocurrency wallet details.

The Digital Crimes Unit (DCU) of the company took the lead in this operation by working with international law enforcement agencies. The cybercriminals used the malware to steal data on a massive scale between March 16 and May 16, 2025.

“Working with law enforcement and industry partners, we have severed communications between the malicious tool and victims,” Microsoft said . Microsoft also announced that it had taken control of more than 1,300 malicious domains through seizure or redirection, while Europol helped seize or redirect 300 domains.

Microsoft received a court order from the U.S. District Court in Georgia, allowing it to take down web domains supporting Lumma’s network. The U.S. Department of Justice later seized Lumma’s “central command structure” and took down marketplaces selling the malware, as reported by CNBC .

According to Reuters, the FBI’s Dallas Field Office currently leads the investigation. Microsoft stated that Lumma Stealer was available for purchase on dark web forums since 2022 and its developers continuously updated the malware to evade detection.

Reuters reports that in a separate blog post, Microsoft said, “The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscore the need for layered defenses and industry collaboration to counter threats.”

The cybercriminals used fake Booking.com branding to deceive users into downloading Lumma malware. The malware targeted various sectors including gaming communities as well as schools and healthcare organizations and manufacturing facilities and logistics operations.

Microsoft Leak Reveals Walmart AI Plans - 2

Image by David Montero, from Unsplash

Microsoft Leak Reveals Walmart AI Plans

  • Written by Kiara Fabbri Former Tech News Writer
  • Fact-Checked by Sarah Frazier Former Content Manager

Microsoft accidentally revealed Walmart’s AI strategy during a live Build session disrupted by protesters.

In a rush? Here are the quick facts:

  • Microsoft exec accidentally leaked Walmart AI plans.
  • Leaked chat showed Walmart prefers Microsoft over Google for AI.
  • “MyAssistant” AI tool flagged as needing safety guardrails.

The incident occurred during a presentation about AI security which took place at Microsoft’s Build conference. The group No Azure for Apartheid interrupted the presentation to accuse Microsoft of supporting violence in Gaza.

The Verge reports that Hossam Nasr who used to work at Microsoft as a former employee shouted: “Sarah Bird, you are whitewashing the crimes of Microsoft in Palestine […] How dare you talk about responsible AI when Microsoft is fueling the genocide in Palestine.”

During the livestream interruption Microsoft’s AI security chief Neta Haiby unintentionally displayed internal Microsoft Teams messages on her screen. The internal messages from Microsoft revealed Walmart plans to increase its deployment of Entra Web and AI Gateway services.

“Walmart is ready to rock and roll with Entra Web and AI Gateway,” wrote a Microsoft cloud architect, as reported by The Verge. Another message from a Walmart AI engineer said, “Microsoft is WAY ahead of Google with AI security. We are excited to go down this path with you.”

CNBC reports that the leaked chat also flagged a Walmart tool called “MyAssistant” as needing stronger safety measures, describing it as “overly powerful.” This tool helps Walmart employees create marketing content and summarize long documents using proprietary data and OpenAI models.

The Verge notes that this is the third protest at Microsoft Build this week. The company faced interruptions at multiple events because attendees accused its technology of supporting war crimes.

CNBC noted that Microsoft and Walmart failed to provide any statements regarding the matter.