Tech »  Topic »  Life on a crooked RedLine: Analyzing the infamous infostealer’s backend

Life on a crooked RedLine: Analyzing the infamous infostealer’s backend


Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules

08 Nov 2024 , 24 min. read

On October 28th, 2024, the Dutch National police, alongside the FBI, Eurojust, and several other law enforcement organizations, performed a takedown of the infamous RedLine Stealer malware-as-a-service (MaaS) operation, and its clone called META Stealer. This global effort, named Operation Magnus, resulted in the takedown of three servers in the Netherlands, the seizure of two domains, two people being taken into custody in Belgium, and the unsealing of charges against one of the alleged perpetrators in the United States.

Back in April 2023, ESET participated in a partial disruption operation of the RedLine malware, which consisted of the removal of several GitHub repositories used as dead-drop resolvers for the malware’s control panel. Around that time, we investigated previously undocumented backend ...


Copyright of this story solely belongs to welivesecurity.com . To see the full text click HERE