The police operation claims to remove the prolific Redline and Meta password stealers

A coalition of international law enforcement agencies said they have disrupted the operations of two prolific information thieves who stole the sensitive data of millions of people.

The Dutch National Police, which led the so-called “Operation Magnus” takedown, reported that it had “full access” to the servers used by the information thieves Redline and Meta.

Infostealers are a type of malware specifically designed to extract sensitive information, such as passwords, credit card data, search history, and the contents of cryptocurrency wallets, from an infected system.

Redline is one of the most common strains of information-stealing malware. Criminals have been using the Redline app, which has been active since 2020, to steal sensitive data from hundreds of millions of people, according to a new report. Latest report. The malware is attributed to the 2022 Uber hack, the theft of login details from Worldcoin Orb operators, and the hacking of a senior official at the Israeli National Cybersecurity Directorate.

The Meta is a relatively new information theft tool, though Operation Magnus notes: “We gained full access to all of the Redline and Meta servers. Did you know they were actually pretty similar?”

In a video posted to the site on Monday, the agencies say they had access to usernames, passwords, IP addresses, timestamps and registration dates, along with the source code of both information thieves and Telegram bots used by the app’s operators. Malware.

The agencies also rattled off a list of usernames that belong to the “VIP” — or “Very Important to Police” — category of Redline users and Meta infotealers. It is not yet clear whether any arrests have been made as part of the operation, but the website claims that “legal proceedings are underway.”

Operation Magnus, which was supported by the US FBI and the UK’s National Crime Agency, was announced in Newly created website Excursion of Redline and Meta operations. Simon van Wurdragen, a spokesman for the Dutch National Police, told TechCrunch that it would release more information about the takedown on Tuesday.

A similar takedown approach was taken during the recent operation targeting LockBit, which saw police take control of a ransomware gang’s dark web leak site to publish details of the operation.