International Coalition Shuts Down Global Malware Network Targeting Millions

International Coalition Shuts Down Global Malware Network Targeting Millions

(IN BRIEF) An international operation coordinated by Eurojust successfully dismantled servers and communication channels of the RedLine and META malware, which had targeted millions of victims worldwide to steal personal data like usernames, passwords, and cryptocurrency information. Authorities from the Netherlands, United States, Belgium, Portugal, United Kingdom, and Australia collaborated to shut down three servers, seize two domains, and arrest two suspects in Belgium. A video message was also sent to cybercriminals to demonstrate law enforcement’s reach and intent to curb cybercrime. Further investigations are underway, and an online tool has been created to help potential victims check if their data was compromised.

(PRESS RELEASE) THE HAGUE, 30-Oct-2024 — /EuropaWire/ — In a major coordinated effort, an international coalition dismantled servers hosting the RedLine and META malware, which had targeted millions of people worldwide. Eurojust highlights a global operation involving authorities from the Netherlands, United States, Belgium, Portugal, United Kingdom, and Australia that led to the shutdown of three servers in the Netherlands, seizure of two domains, and the arrest of two suspects in Belgium.

The RedLine and META malware programs, known as “infostealers,” were designed to siphon personal data from infected devices, including usernames, passwords, addresses, and cryptocurrency information, and then sold on criminal marketplaces for further cybercrimes. The investigation was spurred by victim reports and a tip from a security firm, leading authorities to uncover over 1,200 active servers running the malware across numerous countries. With Eurojust’s support, authorities swiftly coordinated information exchange and action to take down the malware network.

On October 28, the international operation successfully dismantled the servers and communication channels associated with RedLine and META. The coalition also retrieved a client database, opening further investigations into cybercriminals who utilized the stolen data for illegal purposes. To send a message to perpetrators, authorities sent a video after the takedown, underscoring their capability to disrupt cybercrime networks. Belgian authorities followed up by dismantling several communication channels used by the malware operators.

For individuals concerned about potential exposure to the malware, a private security company has launched an online tool to verify if their information was compromised and to guide them on protective measures.

The global operation involved key law enforcement agencies, including the Dutch National Police, the FBI, UK’s National Crime Agency, and the Australian Federal Police, exemplifying a robust international response to rising cyber threats.

The following authorities were involved in the actions:

• The Netherlands: National Police, Team Cybercrime Limburg, Public Prosecution Service
• United States: Federal Bureau of Investigation; Naval Criminal Investigative Service; Internal Revenue Service Criminal Investigations; Department of Defense Criminal Investigative Service; Army Criminal Investigation Division
• Belgium: Federal Prosecutor’s Office; Federal Police
• Portugal: Polícia Judiciária
• United Kingdom: National Crime Agency
• Australia: Australian Federal Police

Media Contact:

Eurojust Press Team
Phone: + 31 70 412 55 00
media@eurojust.europa.eu

Source: Eurojust