From Operation Magnus:
On the 28th of October 2024 the Dutch National Police, working in close cooperation with the FBI and other partners of the international law enforcement task force Operation Magnus, disrupted operation of the Redline and Meta infostealers.
Involved parties will be notified, and legal actions are underway.
Watch their update and stay tuned!
As The Register reports on the announcement:
Among the data law enforcement officials gained access to were usernames, passwords, IP addresses, timestamps, registration dates, “and much more.”
Investigators say they also acquired all source code for both infostealers, including the license and REST API servers, user panels, and Telegram bots.
The video also confirmed a stream of usernames, suggesting that investigators now have a list of individuals who had paid for and likely deployed the malware at least once.
Disrupting infostealers is a significant achievement. SpyCloud recently reported that nearly one-third of companies that experienced a ransomware event last year had at least one infostealer infection in the 16 weeks prior to being attacked. Despite warnings to the public and employees about Redline, such as the article written in 2022 by Britton White and PogoWasRight, SpyCloud also reported that as many as 1 in 5 people are victims of an infostealer infection, with each infection exposing anywhere from 10 to 25+ third-party business application credentials, on average.