Looks like Red Line and Meta stealers have been taken down by Law Enforcement

Operation Magnus

Back in 2022, we blogged about the fact that Red Line Stealer was the next biggest thing. It looks like this stealer and Meta Stealer were developed by the same actors, as the article indicates that both have recently been seized by law enforcement.

We’ve also talked about it in podcasts, although the podcast show notes may not necessarily say so.

The Dutch National Police seized the network infrastructure for the Redline and Meta infostealer malware operations in “Operation Magnus,” warning cybercriminals that their data is now in the hands of law enforcement.

Operation Magnus was announced on a dedicated website that disclosed the disruption of the Redline and Meta operations, stating that legal actions based on the seized data are currently underway.

“On the 28th of October 2024 the Dutch National Police, working in close cooperation with the FBI and other partners of the international law enforcement task force Operation Magnus, disrupted operation of the Redline and Meta infostealers,” reads a short announcement on the Operation Magnus site.

The article also says:

Politie says they were able to disrupt the operation with the help of international law enforcement partners, including the FBI, NCIS, the U.S. Department of Justice, Eurojust, the NCA, and the police forces in Portugal and Belgium.

It goes into detail about what Redline did and what Meta did, but both could sell the data they collected.

More information will be released, says the article, and those who may be under investigation are being contacted by law enforcement. Examples of the notices they are receiving are included in the article.

Over the past couple of years, information-stealing malware has become a massive problem for the enterprise as the stolen credentials are commonly sold on the dark web or released for free to gain a reputation in the hacking community.

Malicious campaigns involving information-stealing malware have become abundant, with threat actors targeting victims through zero-day vulnerabilities, fake VPNs, fake fixes to GitHub issues, and even answers on StackOverflow.

One point the article says is this:

It should be noted that the disrupted Meta operation is different than the MetaStealer malware targeting macOS devices.

Also,

Stolen credentials have been used to power some of the most significant breaches in recent history, including the wide-scale Snowflake data theft attacks and the Change Healthcare ransomware attack, which caused massive disruption to the U.S. healthcare system.

Did you know that over 1700 million credentials were stolen by this operation, which fueled other breaches that we may or may not have covered on the blog and podcast?

To read the entire article, please see Redline, Meta infostealer malware operations seized by police. We hope you find this information of value. This is definitely some great news.
