Russian Police Bust Suspected Meduza Infostealer Developers

3 'Young IT Specialists' Arrested After Malware Tied to Government Agency Infection Mathew J. Schwartz (euroinfosec) • October 31, 2025

Russian police arrested "three young IT specialists" suspected of developing and selling the Meduza credential-harvesting malware.

See Also: Tokenization, Authentication, and the Future of Machine-Led Transactions

Authorities from the Ministry of Internal Affairs of Russia, together with police investigators, charged the men with developing and supplying the information-stealing malware, and tying it to an attack that breached and stole data from a government institution in the country's southern Astrakhan region in May, said a ministry spokeswoman in a Russian-language post to Telegram.

Police arrested all of the suspects in or around Moscow and seized computing equipment, communication devices and payment cards. Authorities didn't specify the suspects' identities or dates of arrest, or under what terms they may have been bailed. They accused the men of gaining unauthorized ...