Dutch police, working with partners from around the world, have shut down two well-known groups responsible for stealing information: RedLine and MetaStealer. This is a big step in fighting cybercrime.
The operation, codenamed “Operation Magnus,” took place on October 28, 2024, and involved authorities from the United States, the United Kingdom, Belgium, Portugal, and Australia.
The takedown resulted in the shutdown of three servers in the Netherlands and the confiscation of two domains. Authorities estimate that over 1,200 servers across dozens of countries were involved in running the malware.
The operation led to the arrest of two individuals in Belgium, one of whom remains in custody. U.S. authorities have filed charges against an administrator.
RedLine and MetaStealer are information-stealing malware that target sensitive data such as passwords, login credentials, and personally identifiable information.
These tools have been crucial in the cybercrime ecosystem, allowing threat actors to harvest valuable data for further attacks or sale on criminal marketplaces.
The Dutch National Police gained full access to the criminals’ back-end infrastructure, including source code, license servers, API servers, panels, and Telegram bots.
This access has provided law enforcement with valuable information about the malware’s users, including usernames, passwords, IP addresses, and registration dates.
Security researchers estimate that RedLine alone was responsible for stealing over 170 million passwords in just the last six months. The malware has been active since at least 2020 and was often distributed through phishing emails or malicious downloads.
The success of Operation Magnus demonstrates the power of international cooperation in combating cybercrime.
ESET has created a new tool that helps you determine whether your personal information has been stolen and gives advice on what to do if it has been.
As investigations continue, authorities are expected to take further legal actions against individuals involved in using and distributing these malware strains.
This operation serves as a stark warning to cybercriminals that law enforcement agencies are becoming increasingly effective at disrupting their activities, even in spaces where they previously felt untouchable.