The infrastructure behind the Redline and Meta infostealers, vital to cybercriminals, has been disrupted in an international push to take down essential components of the criminal underground ecosystem.
The Dutch National Police said the authorities have gained “full access to Redline and Meta infostealers” servers. Titled “Operation Magnus,” the action involved several law enforcement agencies, including the FBI and the UK’s National Crime Agency (NCA).
The Redline and Meta infostealers are among cybercriminals’ favorites due to the ease of use and low price of the malware. Both of the underground software products authorities busted are sold as so-called Malware-as-a-Service (MaaS): malicious software that wannabe hackers purchase for around $100 on the low end and anywhere up to $1,000 for “Pro” plan options.
Cybercrooks deploy infostealers via phishing campaigns that often involve malicious spam emails. Once victim devices are infected, attackers take over user credentials and either sell them on the dark web or abuse the credentials themselves. Redline and Meta are among the most popular infostealers, utilized for nefarious purposes since 2020 and 2022, respectively.
The bust could spell bad news for whoever’s behind the infostealers. A video authorities posted on a website dedicated to the operation claims that Redline and Meta likely used the same servers. Authorities included screenshots indicating admin-level access, including control panels and access to dedicated social media accounts.
Authorities imply they have usernames, passwords, IP addresses, registration dates, and even a list of nicknames the infostealers’ operators supposedly use. All of this spells big trouble for infostealer users who skimped on operational security and are based in countries that extradite to the EU or the US.
VIP users, which the authorities jokingly dubbed “very important to the police,” were likely also exposed. As with the takedown of LockBit ransomware, the Operation Magnus website includes a timer set to expire on October 29, implying new details about the operation will be revealed.
“Involved parties will be notified, and legal actions are underway,” the Operation Magnus website reads.
While it’s impossible to say how much damage Redline and Meta have caused, given the prominence of both malware types, the low end of damages is likely in the tens of millions of dollars. Even though disrupting two infostealers will not end cybercrime, it will become more difficult for opportunistic cybercriminals to carry out effective attacks.