Operation Magnus: Law enforcement officials have seized the infrastructure of the infostealers RedLine and META

International law enforcement agencies from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia have shut down three servers in the Netherlands and seized two domains linked to the infostealers Redline and Meta as part of Operation Magnus. In addition, charges were brought in the United States and two people were taken into custody in Belgium.



The information was already circulating on Monday (October 28, 2024) that international law enforcement authorities were closing in on the cybercriminals who used the infostealers Redline and META. A few hours ago, I came across the following post on Mastodon.

Operation Magnus

In a press release, Eurojust announces that a global law enforcement operation, supported by Eurojust, has taken down the infrastructure of the RedLine and META malware. During the operation, the servers used by the infostealers were shut down. RedLine and META targeted millions of victims worldwide, and their operators had set up one of the largest malware platforms in the world.

An infostealer is a type of malware used to steal personal data and carry out cybercrime worldwide.

RedLine and Meta were able to steal personal data from infected devices. The data included stored usernames and passwords as well as automatically stored form data such as addresses, email addresses, phone numbers, cryptocurrency wallets and cookies.

After retrieving the personal data, the cybercriminals behind the infostealers sold the information to other criminals via criminal marketplaces. The criminals who bought the personal data used it to steal money and cryptocurrencies and carry out further hacking activities.



Thanks to the cooperation of an international coalition of authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia, the infostealer infrastructure was shut down. On October 28, 2024, the Dutch police shut down three servers in the Netherlands as part of Operation Magnus. The Dutch police also confiscated two domains used by the cybercriminals.


Charges were brought in the United States at the same time, and in Belgium two people were taken into custody.

Huge operation and investigation

The investigation into RedLine and Meta began after victims came forward and a security company informed the authorities about possible cybercriminal servers in the Netherlands.

The authorities then discovered during their investigation that over 1,200 servers in dozens of countries were running the malware. To shut down the transnational malware, Eurojust coordinated cooperation between authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia. Through Eurojust, the authorities were able to quickly exchange information and coordinate measures to combat the infostealers.

The infrastructure was taken down on October 28 as part of a global operation. After the authorities obtained the data and shut down the servers, a message with a video was sent to the suspected perpetrators. The video sends a clear message to the criminals and shows that the international coalition of authorities was able to obtain important data about their network and disrupt their criminal activities.

After sending the message, the Belgian authorities shut down several RedLine and META communication channels. The authorities also seized a RedLine and META customer database. The investigation into the criminals using the stolen data is now continuing.

Statements from the US judiciary can be found here; the statement from the Dutch police can be accessed here.

Am I affected?

For people who fear they have been a victim of RedLine and Meta, the security company ESET has set up an online tool that allows those affected to check whether their data has been stolen. The tool helps potential victims with the steps they need to take if their data has been stolen.

