'All servers' for Redline and Meta infostealers hacked by Dutch police and FBI
The Dutch National Police announced on Monday having gained “full access” to all of the servers used by the Redline and Meta infostealers, two of the most widely used cybercrime tools on the internet.
Infostealer malware is a major cybersecurity threat, often sold as a malware-as-a-service tool, that infects victims’ devices to harvest information such as credit card details and autofill password data.
Criminals using the malware then bundle the information into logs that are sold on credential marketplaces to fraudsters as well as other criminals attempting to infiltrate any organizations for which login details have been exposed.
On Monday, the Dutch National Police, alongside the FBI and other partner agencies in the United States, Australia and the United Kingdom, used a website for “Operation Magnus” to announce that they had disrupted these two infostealers. The site has a timer promising “more news” that counts down to noon on Tuesday, Dutch local time.
A video on the site mimicking the criminals’ own advertisements says the police have provided a “final update” for both the Redline and Meta infostealer strains, explaining that the international operation “gained full access to all Redline and Meta servers.”
The video displays the extent of this access, showing off several administrator panels, the malware source code, and also listing what appears to be many dozens of usernames for individuals who use the malware-as-a-service tool.
“Involved parties will be notified, and legal actions are underway,” states the site, while the video adds, alongside a graphic of cuffed hands: “Thank you for installing this update. We’re looking forward to seeing you soon.”
Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative.