Police Seize Servers for Two Notorious Malware Strains: Redline and Meta
The FBI has partnered with European police to shut down Redline and Meta, two Windows-based malware strains that were likely used to steal hundreds of millions of passwords.
Dutch National Police today announced the takedown on a website dedicated to Operation Magnus. “We gained full access to all Redline and Meta servers,” they said.
The site also says police distributed an update, designed to spy on them, to hackers who used the Redline and Meta malware. Police got a look at the data hackers were stealing from victims and the communications they had with sellers of the Redline and Meta malware. The same update can also apparently uncover the hackers’ IP addresses.
“Thank you for installing this update. We are looking forward to seeing you soon,” the video says next to an icon of two hands in handcuffs. The same site promises it’ll announce another update tomorrow while warning: “Involved parties will be notified, and legal actions are underway.”
Europol and the UK’s National Crime Agency have since confirmed Operation Magnus’s legitimacy, although it’s unclear how law enforcement infiltrated the servers.
Still, the crackdown is expected to deal a significant blow to cybercrime. Redline is one of the most notorious “info stealing” malware programs available in the hacking world. Security researchers at Specops Software recently estimated that Redline infections had stolen over 170 million passwords in the past six months.
Active since at least 2020, Redline has often been circulated through phishing emails or internet downloads. It works by harvesting information from victim computers, including information entered into the browser, such as passwords. The creators behind the malware have been selling access to it for $100 or $150 per month.
Meta, which arrived on the scene in 2022, has been operating in a similar fashion. Specops Software’s report also estimates it stole about 38 million passwords in the past six months.
According to the takedown notice from European police, Redline and Meta “are pretty much the same,” an indicator that the two malware strains were developed by the same creators. Both strains were available for sale on the messaging app Telegram.