Microsoft files legal action against information-stealing malware Lumma Stealer

Author: BGP Group
May 21, 2025

Microsoft’s Digital Crimes Unit (DCU) has filed a legal action against Lumma Stealer, after it found nearly 400,000 Windows computers globally infected by the information-stealing malware in the past two months.

Lumma is capable of stealing data from various browsers and applications, such as cryptocurrency wallets, and of installing other malware, the company said in a blog post.

Microsoft’s DCU helped in the “takedown, suspension, and blocking of malicious domains that formed the backbone of Lumma’s infrastructure,” via a court order from the US District Court of the Northern District of Georgia, the blog said.

The US Department of Justice said it has seized five internet domains used by malicious cyber actors to operate the LummaC2 information-stealing malware service.

The FBI’s Dallas Field Office is investigating the case.

“The growth and resilience of Lumma Stealer highlight the broader evolution of cybercrime and underscores the need for layered defences and industry collaboration to counter threats,” Microsoft said in a separate blog post on the malware.