International Crackdown Brings Down Servers, Seizes Domains in Coordinated Effort Against Cybercrime
In an unprecedented international operation, law enforcement agencies have shut down one of the world’s most extensive malware platforms, targeting millions of victims worldwide, according to Eurojust, the European Union’s judicial arm. The takedown of the cybercrime scheme, known as “Operation Magnus,” marks the culmination of a year-long investigation involving multiple countries, including the Netherlands, Australia, Britain, and the United States.
The malware platform, operating under the names Redline and META, was responsible for infecting devices on a massive scale, extracting sensitive personal data such as usernames, passwords, and cryptocurrency wallet information from victims. “The infostealers taken down… targeted millions of victims worldwide, making it one of the largest malware platforms globally,” stated Eurojust.
Authorities found over 1,200 servers across multiple countries hosting this malware, Eurojust revealed, detailing the operation coordinated from its headquarters in The Hague. As part of the takedown, officials shut down three servers in the Netherlands, seized two critical domains, and unsealed charges in the United States. Additionally, two suspects were taken into custody in Belgium as part of the global crackdown.
Redline and META were engineered to harvest personal data from infected devices, including any automatically saved information, such as email addresses and physical addresses, as well as login details and cryptocurrency wallets. The infection typically occurred when victims downloaded software from untrustworthy sources, unknowingly allowing the malware to infiltrate their systems.
The investigation into Redline and META began after multiple victims came forward, and a security firm alerted authorities to suspicious servers located in the Netherlands. “After retrieving the personal data, the infostealers sold the information to other criminals through criminal marketplaces,” Eurojust explained in a statement. The data harvested from victims was subsequently used by other cybercriminals for financial theft, cryptocurrency fraud, and further hacking schemes.
In addition to dismantling the physical servers, investigators have also taken action against online communication channels used by the cybercriminals. Several Telegram messaging accounts, used to advertise the services of Redline and META, were taken down, according to Dutch police, further disrupting the group’s operations.
Authorities believe this operation to be one of the largest coordinated actions against a malware platform in recent history. Eurojust emphasized that while this takedown represents a significant win, international collaboration will continue to play a crucial role in countering the ever-evolving landscape of cybercrime.
