The Dutch National Police have reported accessing servers belonging to Redline and Meta, both identified as infostealer malware utilized by cybercriminals to acquire credentials from individuals and organizations. This action is the result of Operation Magnus, a collaborative initiative between the Dutch National Police, the FBI, NCIS, and other law enforcement agencies, aimed at dismantling these illegal tools.
According to TechCrunch, Redline has been operational since 2020, whereas Meta is relatively newer but exhibits similar functionalities. The Operation Magnus website includes a 50-second video in English highlighting certain individuals deemed “very important to the police” that authorities are actively seeking.
Redline is notably linked to the 2022 Uber cybersecurity breach. Specops, a company specializing in password management, disclosed that Redline was instrumental in the theft of nearly half of the 170 million passwords from data compiled by KrakenLabs. Additionally, McAfee uncovered a variation of Redline concealed in fake gaming cheats, indicating that even gamers are vulnerable.
The video reveals that law enforcement agencies accessed user credentials, IP addresses, and Telegram bots that criminals employed to exfiltrate sensitive data. On these servers, authorities also discovered the source code for both malware strains.
Although no arrests have been announced, the Operation Magnus website indicates that involved parties will be informed, and legal proceedings are in progress. Additionally, a countdown on the site suggests forthcoming updates within roughly 20 hours.