Information stealing payloads Redline and Meta, also known as MetaStealer, had their operations disrupted after the Dutch National Police's sequestration of their shared network infrastructure as part of Operation Magnus conducted alongside the FBI and other law enforcement agencies, reports BleepingComputer.
Such crackdown efforts have enabled access to the infostealers' source code, including REST-API services, license servers, stealer binaries, and Telegram bots, as well as the IP addresses, credentials, and registration details of their users, said the agencies in a video posted on Operation Magnus website. Threat actors leveraging Redline and Meta have also been alerted by the Dutch police of further action following the seizure of both stealers' infrastructure on the XSS hacking forum. "Your client data is part of this dataset. We are reviewing this data as part of an ongoing internationally coordinated investigation," said the warning. Redline and Meta have been among the most prolific information-stealing payloads, exfiltrating 227 million credentials combined so far this year, according to Recorded Future Director of Product Management Dmitry Smilyanets.